telecom • networking • design

an EventHelix.com blog



Kerberos Sequence Diagram

Buying food via tickets and tokens

Kerberos lets users log in once and then be logged in automatically to all the services they need. The mechanism is similar to the steps you take to purchase food at a stall at a fair:

  1. You pay cash and get a ticket specifying the amount you paid.
  2. You then take your ticket to another stall where you present the ticket and get tokens for individual items that you ordered.
  3. Now you visit individual stalls, present the token and collect the food item.

Three-step ticket-based authentication in Kerberos

Authentication in Kerberos is very similar:

  1. Authenticate yourself with the Authentication Server and get a “Ticket Granting Ticket”.
  2. Present the “Ticket Granting Ticket” to the “Ticket Granting Server” and get a Service Ticket.
  3. Present the Service Ticket and get the requested service.
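
The three steps above can be traced in a short Python model. This is an added example, not code from the original post or from any Kerberos implementation. The principal names (`alice`, `krbtgt`, `ldap/dir`), the function names and the `seal`/`unseal` toy cipher standing in for a real Kerberos encryption type are assumptions made for illustration.

```python
import hashlib, hmac, json, os, time

def seal(key, obj):
    """Toy encrypt-then-MAC stand-in for a Kerberos encryption type."""
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ks = hashlib.shake_256(key + nonce).digest(len(pt))
    ct = bytes(a ^ b for a, b in zip(pt, ks))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("rejected: wrong key or tampered data")
    ks = hashlib.shake_256(key + nonce).digest(len(ct))
    return json.loads(bytes(a ^ b for a, b in zip(ct, ks)))

# Constructed long-term keys (a real KDC derives the user's key from the password).
KEYS = {n: os.urandom(32) for n in ("alice", "krbtgt", "ldap/dir")}

def issue(client, target, reply_key, lifetime=300):
    """Mint a ticket sealed for `target`, plus the session key sealed for the client."""
    sk = os.urandom(32).hex()
    ticket = seal(KEYS[target], {"client": client, "sk": sk, "exp": time.time() + lifetime})
    return ticket, seal(reply_key, {"sk": sk})

def check(key, ticket, authenticator, skew=300):
    """Open a ticket with the receiver's key, then verify the client's authenticator."""
    t = unseal(key, ticket)
    a = unseal(bytes.fromhex(t["sk"]), authenticator)
    if t["exp"] < time.time() or a["client"] != t["client"] or abs(time.time() - a["ts"]) > skew:
        raise ValueError("rejected: expired ticket or bad authenticator")
    return t

def as_exchange(user):                          # step 1: Authentication Server issues the TGT
    return issue(user, "krbtgt", KEYS[user])

def tgs_exchange(tgt, authenticator, service):  # step 2: Ticket Granting Server issues a Service Ticket
    t = check(KEYS["krbtgt"], tgt, authenticator)
    return issue(t["client"], service, bytes.fromhex(t["sk"]))

def service_accept(service, ticket, authenticator):  # step 3: service validates the ticket
    return check(KEYS[service], ticket, authenticator)["client"]

def login_and_access(user, service):
    auth = lambda sk: seal(sk, {"client": user, "ts": time.time()})
    tgt, reply = as_exchange(user)
    sk1 = bytes.fromhex(unseal(KEYS[user], reply)["sk"])
    st, reply = tgs_exchange(tgt, auth(sk1), service)
    sk2 = bytes.fromhex(unseal(sk1, reply)["sk"])
    return service_accept(service, st, auth(sk2)), tgt, st, auth(sk2)
```

The user's long-term key is used only in step 1. The service never contacts the KDC: it trusts the ticket because only the KDC and the service hold the key that opens it, which is why a TGT presented directly to the service is rejected.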

Kerberos Sequence Diagram

The following Kerberos Sequence Diagram explains the feature in great detail:

Kerberos Sequence Diagram; Ticket Granting Ticket creation


LDAP sequence diagram with Kerberos authentication

The LDAP sequence diagram describes authenticated LDAP directory lookup. The steps covered are:

  1. TCP connection establishment with the LDAP server.
  2. Initial interaction to list the available services.
  3. Authenticate with the Kerberos server and obtain a ticket to proceed with the authentication with the LDAP server.
  4. Armed with the Kerberos ticket, the LDAP client uses bind to authenticate and initiate a secure connection.
  5. Encrypted LDAP communication follows.

The LDAP message flow is presented as a context diagram as well.