Java GSS/Kerberos issue - Autheticating server
Seema Malkani
Seema.Malkani at Sun.COM
Fri Dec 2 14:54:26 EST 2005
Laurence Brockman wrote:
>
>[root at localhost laurence]# more /tmp/jaas.conf
>/** Login Configuration
> **/
>JaasServer {
> com.sun.security.auth.module.Krb5LoginModule required useKeyTab=true
>storeKey=true keyTab="/etc/krb5.keytab";
>};
>
>*Code from GSSAuthorizor:*
>
> GSSManager manager = GSSManager.getInstance();
> Oid kerberos = new Oid("1.2.840.113554.1.2.2");
> this.serverName = "another at admin";
> GSSName serverGSSName = manager.createName(this.serverName,
>GSSName.NT_USER_NAME);
> GSSCredential serverGSSCreds = manager.createCredential(serverGSSName,
>GSSCredential.INDEFINITE_LIFETIME,
> kerberos, GSSCredential.ACCEPT_ONLY);
> log.debug("Created credentials for the service");
>
>
>
>
You can create GSSName as follows:
GSSManager manager = GSSManager.getInstance();
Oid krb5PrincipalNameType = new Oid("1.2.840.113554.1.2.2.1");
// Identify the name of the server. This uses a Kerberos specific
// name format.
GSSName serverName = manager.createName("nfs/foo.sun.com",
krb5PrincipalNameType);
If you still have problems, send me a Kerberos debug output using
"-Dsun.security.krb5.debug=true".
Seema
More information about the Kerberos
mailing list