Hi,
I'm wondering if Kerby might be a solution to a problem that I am
having. As I understand it, Java 1.7 libraries for working with
KDC/Kerberos do not cache service tickets.
I was trying a toy program to see if I could cache a service ticket
with Kerby library:
try {
KrbConfig config = new KrbConfig();
config.enableDebug();
KrbClient client = new KrbClient(config);
client.setKdcHost("ADHOST");
client.setKdcTcpPort(88);
//client.setAllowUdp(false);
client.setKdcRealm("Realm");
client.init();
TgtTicket tgt;
SgtTicket sgt;
tgt = client.requestTgt("user", new File("krb5.keytab"));
sgt = client.requestSgt(tgt, "HTTP/test.example.com");
} catch (KrbException e1) {
e1.printStackTrace();
}
Incidentally, is there docs about configuring the client as I always
get (against a real KDC)
org.apache.kerby.kerberos.kerb.KrbException: null with error code:
KDC_ERR_ETYPE_NOSUPP
Which I'm guessing means I need to configure some settings for
supported encrption types.
Does Kerby cache SGTs?
Thanks,
Shane
