tickets not showing up

Jeffrey Altman jaltman2 at nyc.rr.com
Tue Jul 27 11:05:14 EDT 2004


David Tsai wrote:
> Hi, I'm new to Kerberos from the admin/developer end of things and am working on a Java 1.4.2 GSS-API project where I'm trying to kerberize a few classes.  I set up a KDC on a Linux 9 server and have a Windows XP client machine connecting to it.  I ran the JAAS Authenticaction tutorial at http://java.sun.com/j2se/1.4.2/docs/guide/security/jgss/tutorials/AcnOnly.html and it said "authentification succeeded".  However, when I do a "klist" on the KDC server or on the Windows XP machine, I don't see any tickets issued.  I system.out'ed the mysubject.getPrivateCredentials() and it prints out all the info for a ticket that I supposedly got, but I am baffled at why klist doesn't show it.
> 
> Any insight on this would be greatly apprecitaed.
> 
> --David

The reason the tickets do not show up in the Windows LSA cache is that 
they are being requested by Java with a specific enctype.  In this case
DES-CBC-CRC.  As such, the Windows LSA cache refuses to cache the ticket
and instead makes a new ticket request each time the cache is asked for
the ticket.

The ticket will therefore only be reported by Java.

Jeffrey Altman


-- 
-----------------
This e-mail account is not read on a regular basis.
Please send private responses to jaltman at mit dot edu


More information about the Kerberos mailing list