I have a task to create SSO (single sign-on) in a Golang application with the help of Kerberos and Active Directory. In other words, if an employee of the company makes a request for a specific URL, the service must return information about him.
I decided to use the gokrb5 library.
What I have done so far:
1) An SPN name for the service was created in Active Directory.
2) A krb5.keytab file for the service was created.
3) Active Directory and the Kerberos server are located on a remote Windows server.
4) The Golang application would be in a Linux Docker container.
5) I installed the Kerberos client in the Docker container.
6) I put the krb5.keytab file in the etc folder of the Docker container.
7) Kerberos realm: EXAMPLE.LOCAL.
8) Hostnames for the KDC servers: CS001, CS002, CS003.
What should the configuration file krb5.conf for the Kerberos client look like? How can I correctly send the token to Kerberos in the Golang application?
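
For reference, a krb5.conf in standard MIT Kerberos syntax matching the setup listed in the question; this is an added example, not part of the original post. The realm and KDC short names come from the post, while the fully qualified KDC names (cs001.example.local and so on), the DNS domain example.local and the keytab path /etc/krb5.keytab are assumptions.

```ini
# Added example, constructed for illustration.
# Assumed values: KDC FQDNs, DNS domain example.local, keytab path /etc/krb5.keytab.

[libdefaults]
    default_realm = EXAMPLE.LOCAL
    # The KDCs are listed statically below, so DNS-based discovery is disabled.
    dns_lookup_realm = false
    dns_lookup_kdc = false
    # Do not rewrite hostnames via reverse DNS when building service principals.
    rdns = false
    # Keytab holding the service principal's key (path is an assumption).
    default_keytab_name = FILE:/etc/krb5.keytab
    # AES only: leaves out RC4-HMAC and DES.
    permitted_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96

[realms]
    EXAMPLE.LOCAL = {
        # CS001..CS003 from the post, written as assumed FQDNs.
        kdc = cs001.example.local
        kdc = cs002.example.local
        kdc = cs003.example.local
        default_domain = example.local
    }

[domain_realm]
    # Map hosts in the (assumed) DNS domain to the realm.
    .example.local = EXAMPLE.LOCAL
    example.local = EXAMPLE.LOCAL
```

The keytab holds the service's long-term key, so inside the container it should be readable only by the account the application runs as.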