diff --git a/Kerberos.NET/Client/KerberosClient.cs b/Kerberos.NET/Client/KerberosClient.cs
index e0def52..ee1519d 100644
--- a/Kerberos.NET/Client/KerberosClient.cs
+++ b/Kerberos.NET/Client/KerberosClient.cs
@@ -259,6 +259,30 @@ public string UserPrincipalName
}
}
+ ///
+ /// Create a new Kerberos client based on the configuration of an existing client or create a new one from scratch.
+ ///
+ /// The client to copy from
+ /// The config to pass in if the client is null
+ /// The logger to use for the new client
+ ///
+ internal static KerberosClient CopyOrCreate(KerberosClient delegationClient, Krb5Config config, ILoggerFactory logger)
+ {
+ if (delegationClient == null)
+ {
+ return new KerberosClient(config, logger) { CacheInMemory = true };
+ }
+
+ return new KerberosClient(
+ delegationClient.Configuration ?? config,
+ delegationClient.loggerFactory ?? logger,
+ delegationClient.Transports.ToArray()
+ )
+ {
+ CacheInMemory = true
+ };
+ }
+
///
/// Reset any connection state that may be cached from previous attempts.
///
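Review bot: In the copy branch of `CopyOrCreate`, `delegationClient.Transports.ToArray()` copies the collection but not the transport objects, so the new client and the caller's client hold the same transport instances; the doc comment should say so and state who owns them. If those transports keep connection state or are released when a client is disposed (not visible in this hunk), disposing either client would affect the other. The comment should also state that only the configuration, logger factory and transports are carried over, and that `CacheInMemory = true` is set on both branches, which presumably keeps tickets obtained by the new client out of the original client's cache. A remark such as `/// The returned client shares delegationClient's transport instances and always uses its own in-memory cache.` would cover it.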
diff --git a/Kerberos.NET/KerberosAuthenticator.cs b/Kerberos.NET/KerberosAuthenticator.cs
index abf76ea..4c52176 100644
--- a/Kerberos.NET/KerberosAuthenticator.cs
+++ b/Kerberos.NET/KerberosAuthenticator.cs
@@ -9,6 +9,7 @@
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
+using Kerberos.NET.Client;
using Kerberos.NET.Configuration;
using Kerberos.NET.Crypto;
using Kerberos.NET.Entities;
@@ -27,17 +28,21 @@ public class KerberosAuthenticator
public UserNameFormat UserNameFormat { get; set; } = UserNameFormat.UserPrincipalName;
- public KerberosAuthenticator(string upn, KeyTable keytab, Krb5Config config, ILoggerFactory logger = null)
+ public KerberosAuthenticator(string upn, KeyTable keytab, KerberosClient delegationClient, ILoggerFactory logger = null)
: this(new KerberosValidator(keytab, logger))
{
if (!string.IsNullOrWhiteSpace(upn))
{
- this.s4uProvider = new S4UProviderFactory(upn, keytab, config, logger);
+ this.s4uProvider = new S4UProviderFactory(upn, keytab, delegationClient, delegationClient?.Configuration, logger);
}
}
+ public KerberosAuthenticator(string upn, KeyTable keytab, Krb5Config config = null, ILoggerFactory logger = null)
+ : this(upn, keytab, new KerberosClient(config, logger) { CacheInMemory = true }, logger)
+ { }
+
public KerberosAuthenticator(KeyTable keytab, ILoggerFactory logger = null)
- : this(null, keytab, null, logger)
+ : this(null, keytab, (Krb5Config)null, logger)
{
}
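Review bot: The `Krb5Config` overload builds `new KerberosClient(config, logger) { CacheInMemory = true }` in its `this(...)` initializer before `upn` is checked, so the keytab-only constructor, which chains through it with a null `upn`, now allocates a client that is never used. When `upn` is set, `S4UProviderFactory` copies from that client via `CopyOrCreate`, so the intermediate client is dropped and, if `KerberosClient` holds disposable resources, never released. Chaining that overload to the validator instead, `: this(new KerberosValidator(keytab, logger))`, and assigning `this.s4uProvider = new S4UProviderFactory(upn, keytab, null, config, logger);` under the same `IsNullOrWhiteSpace` guard would avoid both. Separately, the two four-argument overloads differ only in the type of the third parameter, so an existing caller that passes a literal `null` there no longer compiles without a cast, as the `(Krb5Config)null` added in this hunk shows; that deserves a changelog entry.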
diff --git a/Kerberos.NET/S4UProviderFactory.cs b/Kerberos.NET/S4UProviderFactory.cs
index c4718af..cb65776 100644
--- a/Kerberos.NET/S4UProviderFactory.cs
+++ b/Kerberos.NET/S4UProviderFactory.cs
@@ -16,9 +16,9 @@ internal class S4UProviderFactory : IS4UProviderFactory
private readonly KerberosClient client;
private readonly KerberosCredential credential;
- public S4UProviderFactory(string upn, KeyTable keytab, Krb5Config config = null, ILoggerFactory logger = null)
+ public S4UProviderFactory(string upn, KeyTable keytab, KerberosClient delegationClient, Krb5Config config = null, ILoggerFactory logger = null)
{
- this.client = new KerberosClient(config, logger) { CacheInMemory = true };
+ this.client = KerberosClient.CopyOrCreate(delegationClient, config, logger);
this.credential = new KeytabCredential(upn, keytab);
}
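Review bot: The `config` parameter of this constructor is now only a fallback: `CopyOrCreate` takes `delegationClient.Configuration ?? config`, so a non-null `config` is silently ignored whenever the delegation client already carries a configuration. The one caller in this diff passes `delegationClient?.Configuration` for it anyway, which makes the argument redundant on that path. Either drop the parameter there or document the precedence on the constructor, e.g. `// config applies only when delegationClient is null or has no Configuration`. The class body continues outside the hunk.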