tickets not showing up
Jeffrey Altman
jaltman2 at nyc.rr.com
Tue Jul 27 11:05:14 EDT 2004
David Tsai wrote:
> Hi, I'm new to Kerberos from the admin/developer end of things and am working on a Java 1.4.2 GSS-API project where I'm trying to kerberize a few classes. I set up a KDC on a Linux 9 server and have a Windows XP client machine connecting to it. I ran the JAAS Authenticaction tutorial at http://java.sun.com/j2se/1.4.2/docs/guide/security/jgss/tutorials/AcnOnly.html and it said "authentification succeeded". However, when I do a "klist" on the KDC server or on the Windows XP machine, I don't see any tickets issued. I system.out'ed the mysubject.getPrivateCredentials() and it prints out all the info for a ticket that I supposedly got, but I am baffled at why klist doesn't show it.
>
> Any insight on this would be greatly apprecitaed.
>
> --David
The reason the tickets do not show up in the Windows LSA cache is that
they are being requested by Java with a specific enctype. In this case
DES-CBC-CRC. As such, the Windows LSA cache refuses to cache the ticket
and instead makes a new ticket request each time the cache is asked for
the ticket.
The ticket will therefore only be reported by Java.
Jeffrey Altman
--
-----------------
This e-mail account is not read on a regular basis.
Please send private responses to jaltman at mit dot edu
More information about the Kerberos
mailing list