1. module kerberos
   1. function kerberos.Kerberos ()
   2. function kerberos.processes.MongoAuthProcess (host, port, service_name, options)
   3. object kerberos
   4. object kerberos.Kerberos.prototype
   5. object kerberos.processes
   6. object kerberos.processes.MongoAuthProcess.prototype
2. module kerberos.Kerberos
   1. function kerberos.Kerberos ()
   2. number kerberos.Kerberos.AUTH_GSS_COMPLETE
   3. number kerberos.Kerberos.AUTH_GSS_CONTINUE
   4. number kerberos.Kerberos.GSS_C_ANON_FLAG
   5. number kerberos.Kerberos.GSS_C_CONF_FLAG
   6. number kerberos.Kerberos.GSS_C_DELEG_FLAG
   7. number kerberos.Kerberos.GSS_C_INTEG_FLAG
   8. number kerberos.Kerberos.GSS_C_MUTUAL_FLAG
   9. number kerberos.Kerberos.GSS_C_PROT_READY_FLAG
   10. number kerberos.Kerberos.GSS_C_REPLAY_FLAG
   11. number kerberos.Kerberos.GSS_C_SEQUENCE_FLAG
   12. number kerberos.Kerberos.GSS_C_TRANS_FLAG
3. module kerberos.Kerberos.prototype
   1. function kerberos.Kerberos.prototype.acquireAlternateCredentials (user_name, password, domain)
   2. function kerberos.Kerberos.prototype.authGSSClientClean (context, callback)
   3. function kerberos.Kerberos.prototype.authGSSClientInit (uri, flags, credentialsCache, callback)
   4. function kerberos.Kerberos.prototype.authGSSClientStep (context, challenge, callback)
   5. function kerberos.Kerberos.prototype.authGSSClientUnwrap (context, challenge, callback)
   6. function kerberos.Kerberos.prototype.authGSSClientWrap (context, challenge, user_name, callback)
   7. function kerberos.Kerberos.prototype.authGSSServerClean (context, callback)
   8. function kerberos.Kerberos.prototype.authGSSServerInit (service, constrained_delegation, username, callback)
   9. function kerberos.Kerberos.prototype.authGSSServerStep (context, authData, callback)
   10. function kerberos.Kerberos.prototype.authUserKrb5Password (username, password, service, callback)
   11. function kerberos.Kerberos.prototype.decryptMessage (challenge)
   12. function kerberos.Kerberos.prototype.encryptMessage (challenge)
   13. function kerberos.Kerberos.prototype.prepareOutboundPackage (principal, inputdata)
   14. function kerberos.Kerberos.prototype.queryContextAttribute (attribute)
4. module kerberos.kerberos
   1. function kerberos.kerberos.Kerberos ()
   2. object kerberos.kerberos.processes
5. module kerberos.processes
   1. function kerberos.processes.MongoAuthProcess (host, port, service_name, options)
6. module kerberos.processes.MongoAuthProcess
   1. function kerberos.processes.MongoAuthProcess (host, port, service_name, options)
7. module kerberos.processes.MongoAuthProcess.prototype
   1. function kerberos.processes.MongoAuthProcess.prototype.init (username, password, callback)
   2. function kerberos.processes.MongoAuthProcess.prototype.transition (payload, callback)

module kerberos

function kerberos.Kerberos ()

• description and source-code

  Kerberos = function () {
    this._native_kerberos = new KerberosNative();
  }

• example usage

  n/a

function kerberos.processes.MongoAuthProcess (host, port, service_name, options)

• description and source-code

  processes.MongoAuthProcess = function (host, port, service_name, options) {
    // Check what system we are on
    if(process.platform == 'win32') {
      this._processor = new Win32MongoProcessor(host, port, service_name, options);
    } else {
      this._processor = new UnixMongoProcessor(host, port, service_name, options);
    }
  }

• example usage

  n/a

module kerberos.Kerberos

function kerberos.Kerberos ()

• description and source-code

  Kerberos = function () {
    this._native_kerberos = new KerberosNative();
  }

• example usage

  n/a

module kerberos.Kerberos.prototype

function kerberos.Kerberos.prototype.acquireAlternateCredentials (user_name, password, domain)

• description and source-code

  acquireAlternateCredentials = function (user_name, password, domain) {
    return this._native_kerberos.acquireAlternateCredentials(user_name, password, domain);
  }

• example usage

  ...
  // can spoof your KDC  (see: https://github.com/qesuto/node-krb5/issues/13)
  // callback receives error and boolean
  Kerberos.prototype.authUserKrb5Password = function(username, password, service, callback) {
      return this._native_kerberos.authUserKrb5Password(username, password, service, callback);
  };
  
  Kerberos.prototype.acquireAlternateCredentials = function(user_name, password, domain) {
    return this._native_kerberos.acquireAlternateCredentials(user_name, password, domain
  );
  }
  
  Kerberos.prototype.prepareOutboundPackage = function(principal, inputdata) {
    return this._native_kerberos.prepareOutboundPackage(principal, inputdata);
  }
  
  Kerberos.prototype.decryptMessage = function(challenge) {
  ...

function kerberos.Kerberos.prototype.authGSSClientClean (context, callback)

• description and source-code

  authGSSClientClean = function (context, callback) {
    return this._native_kerberos.authGSSClientClean(context, callback);
  }

• example usage

  ...
  
    return this._native_kerberos.authGSSClientWrap(context, challenge, user_name, callback);
  }
  
  // free memory used by a context created using authGSSClientInit.
  // callback takes one argument, an error string if defined.
  Kerberos.prototype.authGSSClientClean = function(context, callback) {
    return this._native_kerberos.authGSSClientClean(context, callback);
  }
  
  // The server will obtain credentials using a keytab.  To override the
  // default location (probably /etc/krb5.keytab) set the KRB5_KTNAME
  // environment variable.
  // The service name should be in the form service, or service@host.name
  // e.g. for HTTP, use "HTTP" or "HTTP@my.host.name". See gss_import_name
  ...

function kerberos.Kerberos.prototype.authGSSClientInit (uri, flags, credentialsCache, callback)

• description and source-code

  authGSSClientInit = function (uri, flags, credentialsCache, callback) {
    if (typeof(credentialsCache) == 'function') {
      callback = credentialsCache;
      credentialsCache = '';
    }
  
    if (credentialsCache === undefined) {
        credentialsCache = '';
    }
  
    return this._native_kerberos.authGSSClientInit(uri, flags, credentialsCache, callback);
  }

• example usage

  ...
      credentialsCache = '';
    }
  
    if (credentialsCache === undefined) {
        credentialsCache = '';
    }
  
    return this._native_kerberos.authGSSClientInit(uri, flags, credentialsCache, callback
  );
  }
  
  // This will obtain credentials using a credentials cache. To override the default
  // location (posible /tmp/krb5cc_nnnnnn, where nnnn is your numeric uid) use
  // the environment variable KRB5CNAME.
  // The credentials (suitable for using in an 'Authenticate: ' header, when prefixed
  // with 'Negotiate ') will be available as context.response inside the callback
  ...

function kerberos.Kerberos.prototype.authGSSClientStep (context, challenge, callback)

• description and source-code

  authGSSClientStep = function (context, challenge, callback) {
    if(typeof challenge == 'function') {
      callback = challenge;
      challenge = '';
    }
  
    return this._native_kerberos.authGSSClientStep(context, challenge, callback);
  }

• example usage

  ...
  // callback takes one argument, an error string if defined
  Kerberos.prototype.authGSSClientStep = function(context, challenge, callback) {
  if(typeof challenge == 'function') {
    callback = challenge;
    challenge = '';
  }
  
  return this._native_kerberos.authGSSClientStep(context, challenge, callback);
  }
  
  Kerberos.prototype.authGSSClientUnwrap = function(context, challenge, callback) {
  if(typeof challenge == 'function') {
    callback = challenge;
    challenge = '';
  }
  ...

function kerberos.Kerberos.prototype.authGSSClientUnwrap (context, challenge, callback)

• description and source-code

  authGSSClientUnwrap = function (context, challenge, callback) {
    if(typeof challenge == 'function') {
      callback = challenge;
      challenge = '';
    }
  
    return this._native_kerberos.authGSSClientUnwrap(context, challenge, callback);
  }

• example usage

  ...
  
  Kerberos.prototype.authGSSClientUnwrap = function(context, challenge, callback) {
  if(typeof challenge == 'function') {
    callback = challenge;
    challenge = '';
  }
  
  return this._native_kerberos.authGSSClientUnwrap(context, challenge, callback);
  }
  
  Kerberos.prototype.authGSSClientWrap = function(context, challenge, user_name, callback) {
  if(typeof user_name == 'function') {
    callback = user_name;
    user_name = '';
  }
  ...

function kerberos.Kerberos.prototype.authGSSClientWrap (context, challenge, user_name, callback)

• description and source-code

  authGSSClientWrap = function (context, challenge, user_name, callback) {
    if(typeof user_name == 'function') {
      callback = user_name;
      user_name = '';
    }
  
    return this._native_kerberos.authGSSClientWrap(context, challenge, user_name, callback);
  }

• example usage

  ...
  
  Kerberos.prototype.authGSSClientWrap = function(context, challenge, user_name, callback) {
    if(typeof user_name == 'function') {
      callback = user_name;
      user_name = '';
    }
  
    return this._native_kerberos.authGSSClientWrap(context, challenge, user_name, callback
  );
  }
  
  // free memory used by a context created using authGSSClientInit.
  // callback takes one argument, an error string if defined.
  Kerberos.prototype.authGSSClientClean = function(context, callback) {
    return this._native_kerberos.authGSSClientClean(context, callback);
  }
  ...

function kerberos.Kerberos.prototype.authGSSServerClean (context, callback)

• description and source-code

  authGSSServerClean = function (context, callback) {
    return this._native_kerberos.authGSSServerClean(context, callback);
  }

• example usage

  ...
    constrained_delegation = !!constrained_delegation;
  
    return this._native_kerberos.authGSSServerInit(service, constrained_delegation, username, callback);
  };
  
  //callback takes one argument, an error string if defined.
  Kerberos.prototype.authGSSServerClean = function(context, callback) {
    return this._native_kerberos.authGSSServerClean(context, callback);
  };
  
  // authData should be the base64 encoded authentication data obtained
  // from client, e.g., in the Authorization header (without the leading
  // "Negotiate " string) during SPNEGO authentication.  The authenticated user
  // is available in context.username after successful authentication.
  // callback takes one argument, an error string if defined.
  ...

function kerberos.Kerberos.prototype.authGSSServerInit (service, constrained_delegation, username, callback)

• description and source-code

  authGSSServerInit = function (service, constrained_delegation, username, callback) {
    if(typeof(constrained_delegation) === 'function') {
  	  callback = constrained_delegation;
  	  constrained_delegation = false;
  	  username = null;
    }
  
    if (typeof(constrained_delegation) === 'string') {
  	  throw new Error("S4U2Self protocol transation is not possible without enabling constrained delegation");
    }
  
    if (typeof(username) === 'function') {
  	  callback = username;
  	  username = null;
    }
  
    constrained_delegation = !!constrained_delegation;
  
    return this._native_kerberos.authGSSServerInit(service, constrained_delegation, username, callback);
  }

• example usage

  ...
    if (typeof(username) === 'function') {
  	  callback = username;
  	  username = null;
    }
  
    constrained_delegation = !!constrained_delegation;
  
    return this._native_kerberos.authGSSServerInit(service, constrained_delegation, username
  , callback);
  };
  
  //callback takes one argument, an error string if defined.
  Kerberos.prototype.authGSSServerClean = function(context, callback) {
    return this._native_kerberos.authGSSServerClean(context, callback);
  };
  ...

function kerberos.Kerberos.prototype.authGSSServerStep (context, authData, callback)

• description and source-code

  authGSSServerStep = function (context, authData, callback) {
    return this._native_kerberos.authGSSServerStep(context, authData, callback);
  }

• example usage

  ...
  // is available in context.username after successful authentication.
  // callback takes one argument, an error string if defined.
  //
  // Note: when S4U2Self protocol transition was requested in the authGSSServerInit
  // no actual authentication will be performed and authData will be ignored.
  //
  Kerberos.prototype.authGSSServerStep = function(context, authData, callback) {
    return this._native_kerberos.authGSSServerStep(context, authData, callback);
  };
  
  // authenticate the username and password against the KDC, and verify the KDC using a local
  // service key stored in the keytab.  See above for details on providing the keytab.
  // The service should be the service principal name for a key available in the local keytab,
  // e.g. HTTP/somehost.example.com.  If service is an empty tring, KDC verification will
  // be skipped.  DON'T DO THIS - it's a possible security vulnerability if an attacker
  ...

function kerberos.Kerberos.prototype.authUserKrb5Password (username, password, service, callback)

• description and source-code

  authUserKrb5Password = function (username, password, service, callback) {
      return this._native_kerberos.authUserKrb5Password(username, password, service, callback);
  }

• example usage

  ...
  // service key stored in the keytab.  See above for details on providing the keytab.
  // The service should be the service principal name for a key available in the local keytab,
  // e.g. HTTP/somehost.example.com.  If service is an empty tring, KDC verification will
  // be skipped.  DON'T DO THIS - it's a possible security vulnerability if an attacker
  // can spoof your KDC  (see: https://github.com/qesuto/node-krb5/issues/13)
  // callback receives error and boolean
  Kerberos.prototype.authUserKrb5Password = function(username, password, service, callback) {
      return this._native_kerberos.authUserKrb5Password(username, password, service, callback
  );
  };
  
  Kerberos.prototype.acquireAlternateCredentials = function(user_name, password, domain) {
    return this._native_kerberos.acquireAlternateCredentials(user_name, password, domain);
  }
  
  Kerberos.prototype.prepareOutboundPackage = function(principal, inputdata) {
  ...

function kerberos.Kerberos.prototype.decryptMessage (challenge)

• description and source-code

  decryptMessage = function (challenge) {
    return this._native_kerberos.decryptMessage(challenge);
  }

• example usage

  ...
  }
  
  Kerberos.prototype.prepareOutboundPackage = function(principal, inputdata) {
    return this._native_kerberos.prepareOutboundPackage(principal, inputdata);
  }
  
  Kerberos.prototype.decryptMessage = function(challenge) {
    return this._native_kerberos.decryptMessage(challenge);
  }
  
  Kerberos.prototype.encryptMessage = function(challenge) {
    return this._native_kerberos.encryptMessage(challenge);
  }
  
  Kerberos.prototype.queryContextAttribute = function(attribute) {
  ...

function kerberos.Kerberos.prototype.encryptMessage (challenge)

• description and source-code

  encryptMessage = function (challenge) {
    return this._native_kerberos.encryptMessage(challenge);
  }

• example usage

  ...
  }
  
  Kerberos.prototype.decryptMessage = function(challenge) {
    return this._native_kerberos.decryptMessage(challenge);
  }
  
  Kerberos.prototype.encryptMessage = function(challenge) {
    return this._native_kerberos.encryptMessage(challenge);
  }
  
  Kerberos.prototype.queryContextAttribute = function(attribute) {
    if(typeof attribute != 'number' && attribute != 0x00) throw new Error("Attribute not supported");
    return this._native_kerberos.queryContextAttribute(attribute);
  }
  ...

function kerberos.Kerberos.prototype.prepareOutboundPackage (principal, inputdata)

• description and source-code

  prepareOutboundPackage = function (principal, inputdata) {
    return this._native_kerberos.prepareOutboundPackage(principal, inputdata);
  }

• example usage

  ...
  };
  
  Kerberos.prototype.acquireAlternateCredentials = function(user_name, password, domain) {
    return this._native_kerberos.acquireAlternateCredentials(user_name, password, domain);
  }
  
  Kerberos.prototype.prepareOutboundPackage = function(principal, inputdata) {
    return this._native_kerberos.prepareOutboundPackage(principal, inputdata);
  }
  
  Kerberos.prototype.decryptMessage = function(challenge) {
    return this._native_kerberos.decryptMessage(challenge);
  }
  
  Kerberos.prototype.encryptMessage = function(challenge) {
  ...

function kerberos.Kerberos.prototype.queryContextAttribute (attribute)

• description and source-code

  queryContextAttribute = function (attribute) {
    if(typeof attribute != 'number' && attribute != 0x00) throw new Error("Attribute not supported");
    return this._native_kerberos.queryContextAttribute(attribute);
  }

• example usage

  ...
  
  Kerberos.prototype.encryptMessage = function(challenge) {
    return this._native_kerberos.encryptMessage(challenge);
  }
  
  Kerberos.prototype.queryContextAttribute = function(attribute) {
    if(typeof attribute != 'number' && attribute != 0x00) throw new Error("Attribute not supported");
    return this._native_kerberos.queryContextAttribute(attribute);
  }
  
  // Some useful result codes
  Kerberos.AUTH_GSS_CONTINUE     = 0;
  Kerberos.AUTH_GSS_COMPLETE     = 1;
  
  // Some useful gss flags
  ...

module kerberos.kerberos

function kerberos.kerberos.Kerberos ()

• description and source-code

  Kerberos = function () {
    this._native_kerberos = new KerberosNative();
  }

• example usage

  n/a

module kerberos.processes

function kerberos.processes.MongoAuthProcess (host, port, service_name, options)

• description and source-code

  MongoAuthProcess = function (host, port, service_name, options) {
    // Check what system we are on
    if(process.platform == 'win32') {
      this._processor = new Win32MongoProcessor(host, port, service_name, options);
    } else {
      this._processor = new UnixMongoProcessor(host, port, service_name, options);
    }
  }

• example usage

  n/a

module kerberos.processes.MongoAuthProcess

function kerberos.processes.MongoAuthProcess (host, port, service_name, options)

• description and source-code

  MongoAuthProcess = function (host, port, service_name, options) {
    // Check what system we are on
    if(process.platform == 'win32') {
      this._processor = new Win32MongoProcessor(host, port, service_name, options);
    } else {
      this._processor = new UnixMongoProcessor(host, port, service_name, options);
    }
  }

• example usage

  n/a

module kerberos.processes.MongoAuthProcess.prototype

function kerberos.processes.MongoAuthProcess.prototype.init (username, password, callback)

• description and source-code

  init = function (username, password, callback) {
    this._processor.init(username, password, callback);
  }

• example usage

  n/a

function kerberos.processes.MongoAuthProcess.prototype.transition (payload, callback)

• description and source-code

  transition = function (payload, callback) {
    this._processor.transition(payload, callback);
  }

• example usage

  n/a