Java sample for SSO using JAAS on XP SP2, did anybody get itto work?

Markus Moeller huaraz at moeller.plus.com
Sun Apr 3 09:19:43 EDT 2005


Could it be a problem with the encryption types ? Windows default is 
rc4-hmac which isn't supported by Suns JAAS.

Markus

"vadim" <vadim.tarassov at swissonline.ch> wrote in message 
news:1112532703.5072.0.camel at localhost.localdomain...
> Hallo,
>
> read this:
>
> http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/module/Krb5LoginModule.html
>
> Regards, vadim tarassov
>
> On Fri, 2005-04-01 at 17:05 -0600, Bajpai, Atul wrote:
>> Hi all,
>> I am using a JAAS sample to try SSO on windows. My problem is When I use
>> the Krb5LoginModule I am always prompted for a username and password. I
>> want my app to get the kerberos ticket for the currently logged in user
>> (which is me) without being prompted for username/password. To
>> understand the problem I set debug=true and following is the output I
>> get before I get prompted for username/pwd
>> ===================================
>> Debug is  true storeKey false useTicketCache true useKeyTab false
>> doNotPrompt false ticketCache is null KeyTab is null refreshKrb5Config
>> is true principal is null tryFirstPass is false useFirstPass is false
>> storePass is false clearPass is false
>> Refreshing Kerberos configuration
>> Principal is null
>> null credentials from Ticket Cache
>> ===========================
>> My question is
>> 1) Does this mean that ticket cache cannot be found hence a ticket could
>> not be found or just that the ticket cache is empty?
>> 2) How do I find out where my ticket cache is and what it has?
>> 3) When prompted for username/pwd, if I supply either mine or a test
>> account username/pwd, my login succeeds and I get back a subject from
>> the logincontext where I can see a kerberos ticket as part of the
>> private credentials. What could be the reason for my sample app not
>> being able to get a kerberos ticket for the currently logged in user
>> without prompting for username/pwd?
>>
>> Seems like some of you have dealt with JAAS on windows before so I'll
>> really appreciate any pointers I can get on this.
>>
>> thanks
>>
>>
>> ________________________________________________
>> Kerberos mailing list           Kerberos at mit.edu
>> https://mailman.mit.edu/mailman/listinfo/kerberos
> -- 
> vadim <vadim.tarassov at swissonline.ch>
>
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
> 





More information about the Kerberos mailing list