Instant Messaging client-server solution?
Russ Allbery
rra at stanford.edu
Tue May 24 14:07:28 EDT 2011
Jaap Winius <jwinius at umrk.nl> writes:
> However, when it works, it's supposed to pick up a TGT and cache it in a
> credentials file in /tmp, right?
I'm not sure. The server doesn't need to have a TGT, since all it has to
do is verify the incoming authentication from the client, so in theory all
it should need is a JAAS configuration pointing to the keytab.
> At the moment that's not happening for me, even though in the admin
> console under System Properties it says:
> sasl.gssapi.config /etc/openfire/gss.conf (or jaas.conf)
> sasl.gssapi.debug true
> sasl.mechs GSSAPI
> update.lastCheck 1306240531243
> xmpp.auth.anonymous true
> BTW, the Stanford IT Lab blog article on Openfire seems to suggest that
> the additional code from MIT (which produces a single file,
> mitopenfire.jar) is only necessary for the JAAS setup. Is that correct?
No idea, sorry. I could try forwarding this thread over to one of the
people here who actually built the server.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list