Caching kerberos ticket using Java
Ranga Samudrala
Ranga_Samudrala at bmc.com
Fri Dec 21 16:36:03 EST 2007
Hello,
Has anybody found a way to store a kerberos ticket into a cache on
the file system?
I tried the following:
String ticketCache = "/tmp/KTGT-RANGA";
String newCacheFileName = "/tmp/KTGT-RANGA-NEW";
//sun.security.krb5.Credentials c =
sun.security.krb5.Credentials.acquireDefaultCreds();
sun.security.krb5.Credentials c =
sun.security.krb5.Credentials.acquireTGTFromCache(new PrincipalName
(principal, PrincipalName.KRB_NT_PRINCIPAL), ticketCache);
CredentialsCache fcache = FileCredentialsCache.create(new
PrincipalName(principal, PrincipalName.KRB_NT_PRINCIPAL),
newCacheFileName.toString());
sun.security.krb5.internal.ccache.Credentials ccreds =
new sun.security.krb5.internal.ccache.Credentials(
c.getClient(), c.getServer(), c.getSessionKey()
, new KerberosTime(c.getAuthTime()), new
KerberosTime(c.getStartTime()), new KerberosTime(c.getEndTime()), new
KerberosTime(c.getRenewTill())
, true, c.getTicketFlags(), new HostAddresses
(c.getClientAddresses()), null
, c.getTicket(), null);
fcache.update(ccreds);
fcache.save();
I am facing two issues:
1. sun.security.krb5.Credentials.acquireDefaultCreds() throws
unsatisfied link error, looking for w2k_las_auth.dll file, even
though I am running this on Linux.
2. If I bypass invoking acquireDefaultCreds(), somehow manage to
read the credential cache and try to save the credential into another
cache file, I see the following NullPointerException :
java.lang.NullPointerException
at sun.security.krb5.internal.HostAddresses.writeAddrs
(HostAddresses.java:231)
at
sun.security.krb5.internal.ccache.CCacheOutputStream.addCreds
(CCacheOutputStream.java:83)
at
sun.security.krb5.internal.ccache.FileCredentialsCache.save
(FileCredentialsCache.java:292)
Any help is appreciated.
thanks
Ranga
More information about the Kerberos
mailing list