Support calling kinit to get Kerberos ticket during DAST scan


Problem

DAST's Windows integration authentication support (Kerberos) required the user to supply a before_script that calls kinit to authenticate against the KDC. This is something that should be performed automatically by DAST if the Kerberos variables are in use.

Proposal

  1. If DAST_AUTH_KERBEROS_REALM and DAST_AUTH_KERBEROS_DC are set, and DAST_AUTH_TYPE is basic-digest, call kinit.
  2. Call kinit $DAST_AUTH_USERNAME and supply $DAST_AUTH_USERNAME\n as the input.
  3. Check that the return code is correct; otherwise treat it as an error and exit.
Edited by 🤖 GitLab Bot 🤖
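
The three proposal steps as a shell function, added here as an example and not GitLab's implementation. `dast_kerberos_login` and its return codes are hypothetical, and it assumes the line fed to kinit is the account password held in `DAST_AUTH_PASSWORD`, where step 2 writes `$DAST_AUTH_USERNAME\n`.

```shell
#!/bin/sh
# Added example, not GitLab's implementation. dast_kerberos_login is a
# hypothetical name. Assumptions: DAST_AUTH_PASSWORD holds the secret kinit
# prompts for, and kinit reads that secret from stdin when stdin is not a
# terminal (MIT krb5 behaviour).

# Return codes: 0 = ticket obtained
#               2 = Kerberos not requested, nothing done
#               1 = Kerberos requested but misconfigured, or kinit failed
dast_kerberos_login() {
    # Step 1: act only when both Kerberos variables are set and the
    # auth type is basic-digest.
    if [ -z "${DAST_AUTH_KERBEROS_REALM:-}" ] || [ -z "${DAST_AUTH_KERBEROS_DC:-}" ]; then
        return 2
    fi
    if [ "${DAST_AUTH_TYPE:-}" != "basic-digest" ]; then
        return 2
    fi

    # Kerberos was requested, so missing credentials are an error, not a skip.
    if [ -z "${DAST_AUTH_USERNAME:-}" ] || [ -z "${DAST_AUTH_PASSWORD:-}" ]; then
        echo "kerberos: DAST_AUTH_USERNAME and DAST_AUTH_PASSWORD must be set" >&2
        return 1
    fi

    # Step 2: feed the secret on stdin. printf is a builtin in bash and dash,
    # so the password never shows up in another process's argument list.
    # kinit's stdout is discarded; stderr is kept for diagnosis.
    # The "|| rc=$?" form keeps the exit code even when the caller uses set -e.
    rc=0
    printf '%s\n' "$DAST_AUTH_PASSWORD" | kinit "$DAST_AUTH_USERNAME" >/dev/null || rc=$?

    # Step 3: any non-zero exit from kinit is fatal for the scan. Only the
    # username and exit code are logged, never the secret.
    if [ "$rc" -ne 0 ]; then
        echo "kerberos: kinit failed for $DAST_AUTH_USERNAME (exit $rc)" >&2
        return 1
    fi
    return 0
}
```

A caller would stop the scan on return code 1 and continue without a ticket on return code 2.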