Wednesday, 26 March 2014

What is Kerberos?

A few days ago, in our project, we had a scenario where the reports could not do user authentication. In the end it came down to Kerberos.
Let me try to explain the scenario:
The reports needed to do some encryption/decryption using an encryption/decryption key.
The key was held on a different server from both the reporting server and the DB server.
So the architecture had three servers:
  1. Server with the key.
  2. Server with the reporting service installed.
  3. Server with the DB installed.
So in such an architecture, in order to implement single sign-on, the user's authentication needed to flow from one server to the next.

Note: Single sign-on (SSO) is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them. Conversely, single sign-off is the property whereby a single action of signing out terminates access to multiple software systems. (Wikipedia)

Kerberos enables this authentication flow.

Note: Kerberos /ˈkɛərbərəs/ is a computer network authentication protocol which works on the basis of 'tickets' to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed it primarily at a client–server model and it provides mutual authentication—both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks. (Wikipedia)

Our requirement was that the Windows user id be passed from one server to another after the user had initially logged on to one of them using his Windows user id. He should not have to authenticate himself at each layer. For us, this was not happening: logged in to one server, authentication was failing on the next one. On further investigation we found that our Kerberos was not installed properly. So if you face a similar issue, check your Kerberos installation first.
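As an added example (not part of the original post), these are the Windows-side checks I would run when the first server authenticates the user but the next hop does not: every hop needs a registered, non-duplicate SPN, the middle server must be trusted to delegate, and the client must actually be holding a Kerberos ticket rather than falling back to NTLM. The host names, the domain and the HTTP/ service name for the report server are placeholders, and the ActiveDirectory module is assumed to be available.

```powershell
# Placeholders for the post's three servers (constructed names, not real hosts)
$ReportServer = 'RPT01'
$DbServer     = 'DB01'
$KeyServer    = 'KEY01'
$Domain       = 'example.local'

# 1. Each hop must have an SPN registered, otherwise clients cannot get a
#    service ticket for it and silently fall back to NTLM, which cannot be
#    forwarded to the next server. setspn -L lists the SPNs on a host.
foreach ($h in $ReportServer, $DbServer, $KeyServer) {
    Write-Host "SPNs registered for $h :"
    setspn -L $h
}

# 2. Duplicate SPNs also break Kerberos (the KDC cannot pick an account);
#    setspn -X searches the forest for duplicates.
setspn -X

# 3. The reporting server sits in the middle of the chain, so its computer
#    account must be trusted for delegation to pass the user's identity on
#    to the DB server and the key server.
Import-Module ActiveDirectory
Get-ADComputer -Identity $ReportServer `
    -Properties TrustedForDelegation, TrustedToAuthForDelegation, 'msDS-AllowedToDelegateTo' |
    Select-Object Name, TrustedForDelegation, TrustedToAuthForDelegation, 'msDS-AllowedToDelegateTo'

# 4. From the client: request a ticket for the report server's SPN and list
#    the ticket cache. If no ticket for that SPN shows up, the first hop is
#    already using NTLM and the later hops can never succeed.
klist get "HTTP/$ReportServer.$Domain"
klist
```

Constrained delegation (a populated msDS-AllowedToDelegateTo) is preferable to unconstrained TrustedForDelegation, since it limits which services the middle server can act as the user against.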
