Overview

Authentication Process

 

Figure 1-1 illustrates the actions of the components and the Kerberos

 

protocol in a secured environment.

Figure 1-1

Authentication Process

The following is a description of how a client and server authenticate each other using Kerberos:

Step 1. Send a request to the AS for a TGT. You can choose to request specific ticket flags and specify the key type to be used to construct the secret key. You can also accept the default values configured for the client.

Send the following information to the Authentication Service (AS) to obtain credentials:

Client-indicates the user name, also referred to as the principal name

Server-indicates the TGS

Chapter 1

25