How to Kerberize a java service

Abdelrahman Almahmoud fire_storm5002 at hotmail.com
Mon Oct 15 01:31:49 EDT 2012


Hi All,

We are currently in the process of kerberising Java services but there is a step that is not clear. When the client receives a service ticket and sends it to the service, how does the service verify and decrypt the ticket?From my understanding of the protocol, the service ticket is encrypted using the hash of the service password. Can I produce this hash on the service and use it to decrypt the ticket or is there another standard way of doing this?We use MIT kerberos V5 and the client uses JAAS to login to Kerberos, then writes the ticket to a file which will be sent to the service
Thanks 		 	   		   		 	   		  


More information about the Kerberos mailing list