Laurence Brockman wrote:
[EMAIL PROTECTED] laurence]# more /tmp/jaas.conf
/** Login Configuration
**/
JaasServer {
com.sun.security.auth.module.Krb5LoginModule required useKeyTab=true
storeKey=true keyTab="/etc/krb5.keytab";
};
*Code from GSSAuthorizor:*
GSSManager manager = GSSManager.getInstance();
Oid kerberos = new Oid("1.2.840.113554.1.2.2");
this.serverName = "[EMAIL PROTECTED]";
GSSName serverGSSName = manager.createName(this.serverName,
GSSName.NT_USER_NAME);
GSSCredential serverGSSCreds = manager.createCredential(serverGSSName,
GSSCredential.INDEFINITE_LIFETIME,
kerberos, GSSCredential.ACCEPT_ONLY);
log.debug("Created credentials for the service");
You can create GSSName as follows:
GSSManager manager = GSSManager.getInstance();
Oid krb5PrincipalNameType = new Oid("1.2.840.113554.1.2.2.1");
// Identify the name of the server. This uses a Kerberos specific
// name format.
GSSName serverName = manager.createName("nfs/foo.sun.com",
krb5PrincipalNameType);
If you still have problems, send me a Kerberos debug output using
"-Dsun.security.krb5.debug=true".
Seema
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
