Kerberos Sequence Diagrams
Kerberos allows the users to login once and then automatically get logged into all the services they may need. The mechanism used here is similar to the steps you have to take to purchase food at a stall at a fair:
- You pay cash and get a ticket specifying the amount you paid.
- You then take your ticket to another stall where you present the ticket and get tokens for individual items that you ordered.
- Now you visit individual stalls, present the token and collect the food item.
Authentication is Kerberos is very similar:
- Authenticate yourself with the Authentication Server and get a "Ticket Granting Ticket".
- Present the "Ticket Granting Ticket" to the "Ticket Granting Server" and get a Service Ticket
- Present the Service Ticket and get the requested service.
Kerberos sequence diagram
Kerberos protocol flow describing authenticating, getting a TGT, getting a service ticket and presenting the ticket to get service.
Kerberos interaction overview
High level flow between the user, key distribution center and services.
Kerberos Ticket Granting Server flow
Focus on the interactions of the Ticket Granting Sever that show how a ticket request is processed.