Encryption types
Richard Gundersen
richardgundersen at hotmail.com
Thu Apr 8 12:37:37 EDT 2004
Hi
I'm sorry to post such a simple question here but I have been trying for two
days to get a Java client-server example working with no success (actually
from the tutorial on Sun's website). I'm using MIT out of the box, but my
'server' complains about the encryption type not being supported when my
'client' tries to communicate with it. Both programs can authenticate
against the KDC fine, but they cant talk to each other.
My krb5.conf file looks like this:
+++++++++++++++++++++++++
[libdefaults]
default_keytab_name =c:/j2sdk1.4.2_04/jre/lib/security/spnego.keytab
default_realm = EXPERIMENTAL.COM
default_tkt_enctypes = des-cbc-crc
default_tgs_enctypes = des-cbc-crc
default_checksum = rsa-md5
kdc_timesync = 0
kdc_default_options = 0x40000010
clockskew = 300
check_delegate = 0
ccache_type = 3
kdc_timeout = 60000
[realms]
EXPERIMENTAL.COM = {
kdc = linux.experimental.com:88
admin_server = linux.experimental.com:749
default_domain = experimental.com
}
[domain_realm]
.experimental.com = experimental.COM
++++++++++++++++++++++++++++
This is the error message that I now know off by heart:
"Failure unspecified at GSS-API level (Mechanism level: KDC has no support
for encryption type (14))"
If anyone could tell me how the syntax should be, I'd be really grateful. Or
point me in the direction of some good documentation (good Java/GSS docs
seem to be a bit hard to come by...)
Also, as a bonus question - what are people's opinions on Kerberos support
in Java? Is it up to the job yet or is it still quite immature?
Regards
Richard
_________________________________________________________________
Stay in touch with absent friends - get MSN Messenger
http://www.msn.co.uk/messenger
More information about the Kerberos
mailing list