Delegation w/ Java
Seema Malkani
Seema.Malkani at Sun.COM
Wed Sep 6 14:06:24 EDT 2006
If you are using system property "java.security.krb5.conf" to specify
the Kerberos configuration file, and have defined only rc4-hmac as the
encryption type, but your AD account is configured for DES, you will get
an error.
Seema
Michael B Allen wrote On 09/05/06 12:35,:
>On Tue, 05 Sep 2006 11:50:52 -0700
>Seema Malkani <Seema.Malkani at Sun.COM> wrote:
>
>
>
>>Support for RC4-HMAC is available starting from J2SE 5.0 Update 7.
>>
>>
><snip>
>
>
>>3) Update Kerberos configuration file to include following:
>>[libdefaults]
>>default_tkt_enctypes = rc4-hmac
>>default_tgs_enctypes = rc4-hmac
>>
>>
>
>Hi Semma,
>
>After upgrading to 1.5 update 8 I was able to get the example to work. But
>I did not set these libdefaults parameters so I'm curious as to what
>they do exactly. Under what conditions would undesireable behavior occur
>as a result of not specifying the default enctypes to RC4-HMAC? Do they
>just allow the client to report an error in the event DES is used?
>
>Mike
>
>
>
More information about the Kerberos
mailing list