Java Kerberos question (solved)

Dieter Schicker didi at ling.uni-graz.at
Fri Jan 6 13:36:53 EST 2006


I managed to solve my problem.

1. extracted keytab for special user
2. jaas.conf looks like

XlabAdminLoginContext {
   com.sun.security.auth.module.Krb5LoginModule required
     useKeyTab=true
     keyTab=didi.keytab
     doNotPrompt=true
     principal=didi
   ;
};

Cheers
Didi

Dieter Schicker wrote:
> Hi,
> 
> I have a java application and want to use the kerberos ticket cache for 
> authentication just for testing because I don't want to type in the 
> credentials each time the application starts.
> 
> I have the following jaas.conf file
> 
> XlabAdminLoginContext {
>   com.sun.security.auth.module.Krb5LoginModule required
>             useTicketCache="true"
>             ticketCache="/tmp/krb5cc_1000"
>             doNotPrompt="true"
>             principal="didi at SOME.DOMAIN.TLD"
>             ;
> };
> 
> The java code looks like
> 
> <code>
> System.setProperty("java.security.krb5.kdc", KRB5_HOST);
> 
> try {
>   loginContext = new LoginContext("XlabAdminLoginContext", new 
> DialogCallbackHandler());
>   }
> catch (LoginException ex) {
>   ...
> }
> </code>
> 
> That throws a
> 
> "javax.security.auth.login.LoginException: Unable to obtain password 
> from user"
> 
> When I use the DialogCallbackHandler and do not set "doNotPrompt=true" 
> everything works fine.
> 
> What am I doing wrong? I stress again that it's only for development 
> purposes and I wouldn't care setting the password somewhere in the 
> clear, but where ...?
> 
> Thanks in advance
> Didi



More information about the Kerberos mailing list