What would be the key things I would need to get from the Tgt?
On Thu, Apr 24, 2014 at 9:33 AM, Kiran Ayyagari <[email protected]>wrote: > > > > On Thu, Apr 24, 2014 at 6:57 PM, Josh Clum <[email protected]> wrote: > >> I was wondering if there was a way to generate my own keytab in java >> without going to the kdc? I found code similar to this in an ApachDS test: >> >> Keytab keytab = Keytab.getInstance(); >> KerberosTime timeStamp = new >> KerberosTime(KerberosUtils.UTC_DATE_FORMAT.parse("20070217235745Z")); >> >> Map<EncryptionType, EncryptionKey> keys = KerberosKeyFactory >> .getKerberosKeys(principalName, userPassword); >> >> >> >> KeytabEntry keytabEntry = new KeytabEntry( >> principalName, >> 1L, >> timeStamp, >> (byte) 0, >> keys.get(EncryptionType.DES_CBC_MD5)); >> >> List<KeytabEntry> entry = Arrays.asList(keytabEntry); >> >> keytab.setEntries(entry); >> >> keytab.write(keytabFile); >> >> return keytabFile; >> >> I'm able to a klist on a keytab that i create: >> >> Vno Type Principal Date Aliases >> >> 0 des-cbc-md5 ssh/[email protected] 2007-02-17 >> >> >> Also, if this is not possible, is there a way to programmatically get a >> keytab using ApacheDS or any other java library? >> >> one way to do this is to use KdcConnection to obtain a TgTicket and > create KeyTab from the details of TgTicket > > > > -- > Kiran Ayyagari > http://keydap.com >
