Java GSSAPI Kerberos question
Danny Cho
dsycho at gmail.com
Fri Aug 22 20:15:32 EDT 2008
I am hoping that someone here can help me. I have a problem with Java
GSSAPI that I don't know how to solve. I have written a test Java server which
acts as a Kerberos service that uses GSSAPI to authenticate users connect to
the service. Here is my gss.conf:
com.sun.security.jgss.accept {
com.sun.security.auth.module.Krb5LoginModule
required
isInitiator=false
storeKey=true
keyTab="/home/danny/temp/GSSKerberosServer/kserver.keytab"
doNotPrompt=true
useKeyTab=true
principal="kserver/danny.com"
debug=true;
};
Everything works fine. But then I tried making the server runtime reload the
keytab by manually (physically) overwritten the keytab file but noticed that
the new file doesn't get read (it still uses the old key) when a new
GSSCredential is created. Can someone please tell me how to tell GSSAPI to
re-read the keytab? I can post my test server code if anyone wants to see
it.
More information about the Kerberos
mailing list