IBM Java 1.4.2 Kerberos over TCP
Pittman Daniel E Jr Civ 96 CG/SCTOA
daniel.pittman at eglin.af.mil
Mon Oct 18 11:43:53 EDT 2004
Hello, I am trying to connect to an AD 2003 server, and am encountering the
following error
com.ibm.security.jgss.i18n.exception.KRBResponseTooBigError
After doing some research, I have found this is related to a problem which
occurs when a UDP packet is too large. UDP seems to be the only connection
protocol supported in IBM's implementation of the Kerberos/JAAS
authentication schemes, could you please verify this information? It would
be very helpful if there were a way to connect to an AD controller via TCP.
I have already tried adding the line udp_preference_limit = 1 to my
krb5.conf file, and it seems to be ignored by the IBM implementation. I
would use the Sun implementation which does now support TCP, but that
solution is also equally filled with problems for me as it does not support
the RC4/HMAC encryption scheme that my current situation is forcing me to
use. Thanks in advance for any help you can provide.
Daniel E. Pittman, Jr
96 CG/SCTOA
Phone: (850) 882-5498
More information about the Kerberos
mailing list