The following table defines the terminologies commonly used with Kerberos and GSSAPI.
Table E-1 Kerberos/GSSAPI Terminology
Term |
Definition |
---|---|
Key Distribution Center (KDC) |
Kerberos server which authenticates users and issues tickets. |
Principal |
An entity (user or service instance) registered with the KDC. |
Realm |
A domain or grouping of principals served by a set of KDCs. |
Service Ticket (ST) |
A record containing client information, service information, and a session key which is encrypted with the particular service principal’s shared key |
Ticket Granting Ticket (TGT) |
A type of ticket that the client can obtain additional Kerberos tickets with. |