Le 5/20/13 8:35 AM, Emmanuel Lécharny a écrit :
> So the problem appears to be that we create an entry which
> KerberosPrincipal is ldap/[email protected], but for some unknown
> reason, we are looking for an entry which kerberos principal is
> ldap/[email protected].
>
> It looks like that there is some name resolution occuring somewhere on
> Mac OSX... Either we don't store the correct KerberosPrincipal, or we
> have a conversion we don't asked for.
>
> I'm investigating...
>
Ok, it seems that we get the same error that on windows :
// On Windows 7 and Server 2008 the loopback address 127.0.0.1
// isn't resolved to localhost by default. In that case we need
// to use the IP address for the service principal.
String hostName;
try
{
InetAddress loopback = InetAddress.getByName( "127.0.0.1" );
hostName = loopback.getHostName();
}
catch ( UnknownHostException e )
{
System.err.println( "Can't find loopback address
'127.0.0.1', using hostname 'localhost'" );
hostName = "localhost";
}
String servicePrincipal = "ldap/" + hostName + "@EXAMPLE.COM";
getLdapServer().setSaslPrincipal( servicePrincipal );
So the stored KerberosPrincipal contains 127.0.0.1, but we do request
localhost later on...
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com
