I have successfully installed ldap and kerberos. I was also able to make a simple c program with SASL/GSSAPI to search data in my ldapserver?
But I was not find any article (that I can follow easily) on how to use the the single sign on functionality in a client server system? I am not even sure how the communication between client and server happens in SSO.
How would a server know that client is a valid client?
Are there any sample examples/tutorials to make such a system?
Edit: The server can be as simple as receiving hello from authenticated client. So client should have kerberos ticket and server should verify the ticket if it is valid or not.
I could compile gsspapi program using libs and dll provided by MIT. the files I needed were gsskrb5.dll,gssapi32.lib,comerr32.lib
These will depend upon the version of kerberos for which they were compiled but I was successful in compiling the example given by mit http://web.mit.edu/macdev/KfM/KerberosFramework/Kerberos5/Tools/GSSExample/ using MinGW gcc compiler after few tweaks.
However I could not communicate successfully using SSPI api by microsoft (that may be due to my lack of knowledge)