The rkerberos library provides a Ruby interface for Kerberos.
Kerberos 1.7.0 or later, including admin header and library files.
krb5 must be installed from source before installing the rkerberos gem:
wget http://web.mit.edu/kerberos/dist/krb5/1.10/krb5-1.10.2-signed.tar
tar -xf krb5-1.10.2-signed.tar
tar -xf krb5-1.10.2-signed.tar.gz
cd krb5-1.10.2
./configure
make
make install
latest release is here: http://web.mit.edu/kerberos/dist/index.html
require 'rkerberos'
# Get the default realm name
krb5 = Kerberos::Krb5.new
puts krb5.default_realm
krb5.close
# Get the default keytab name
keytab = Kerberos::Krb5::Keytab.new
puts keytab.default_name
keytab.close
# Set the password for a given principal
kadm5 = Kerberos::Kadm5.new(:principal => 'foo/admin', :password => 'xxxx')
kadm5.set_password('someuser', 'abc123')
kadm5.close
# Using the block form
Kerberos::Kadm5.new(:principal => 'foo/admin', :password => 'xxxx') do |kadm5|
p kadm5.get_principal('someuser')
kadm5.set_password('someuser', 'abc123')
end
The rkerberos library is a repackaging of my custom branch of the krb5_auth library. Eventually the gem djberg96-krb5_auth will be removed from the gem index.
This code was written for the MIT Kerberos library. It has not been tested with the Heimdal Kerberos library.
Create a separate class for the replay cache. Better credentials cache support. Ability to add and delete keytab entries.
Daniel Berger Dominic Cleal (maintainer)