The client principal name is accessible via the MessageContext.. we need to populate CarbonContext..
Thanks & regards, -Prabath On Fri, Feb 25, 2011 at 12:20 PM, Amila Jayasekara <[email protected]> wrote: > On Fri, Feb 25, 2011 at 11:34 AM, Amila Suriarachchi <[email protected]> > wrote: > > When a user authenticated using kerboros, is the user name available to > the > > server? > > Hi Amila, > As far as i know the client only sends a Kerberos token. I am not sure > whether client principal name is in it. Thus as per now user name is > not available to the server. If user name is needed we need to use a > user name token as a supporting token in kerberos policy. > > Thanks > AmilaJ > > > if so can the service get the user name with CarbonContext.getUserName() > > > > thanks, > > Amila. > > > > On Thu, Feb 24, 2011 at 11:36 PM, Amila Jayasekara <[email protected]> > wrote: > >> > >> Hi All, > >> As some of you may know, there is a Kerberos KDC server with latest IS > >> build. In-order to complete the use case we added kerberos based > >> security scenario to security-mgt component. Now there is a security > >> scenario 16. See screen-shot for more details. Now users can easily > >> secure services using Kerberos security policy by selecting scenario > >> 16. > >> But this change is not yet in trunk as kerberos related rampart > >> changes are not yet in trunk (Currently i am doing changes in 3.0.1 > >> support branch). But hopefully by next week we will be adding these > >> changes to the trunk. > >> > >> Please review the attached screen shot and let me know, if any of the > >> text needs to be changed. > >> > >> Also we need to add two more config files to support, scenario 16. > >> They are krb5.conf (Contains parameters related to requesting ticket) > >> and jaas.conf (Authorization properties). > >> I am planning to add above mentioned files to esb's conf directory. > >> Please let me know if you have any concerns. > >> > >> Also i have a sample which demonstrate the use of KDC in IS and usage > >> of scenario 16, in esb. Since this sample is related to 2 products, i > >> am not sure where should i place the sample. Will be great if you > >> could give feedback on where to place sample program (In IS or ESB ?). > >> > >> Thanks > >> AmilaJ > >> > >> _______________________________________________ > >> Carbon-dev mailing list > >> [email protected] > >> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > >> > > > > > _______________________________________________ > Carbon-dev mailing list > [email protected] > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > -- Thanks & Regards, Prabath http://blog.facilelogin.com http://RampartFAQ.com
_______________________________________________ Carbon-dev mailing list [email protected] http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
