Hi,

I'm wondering if Kerby might be a solution to a problem that I am
having. As I understand it, Java 1.7 libraries for working with
KDC/Kerberos do not cache service tickets.

I was trying a toy program to see if I could cache a service ticket
with Kerby library:

try {

  KrbConfig config = new KrbConfig();
  config.enableDebug();
  KrbClient client = new KrbClient(config);
  client.setKdcHost("ADHOST");
  client.setKdcTcpPort(88);
  //client.setAllowUdp(false);
  client.setKdcRealm("Realm");

  client.init();

  TgtTicket tgt;
  SgtTicket sgt;

  tgt = client.requestTgt("user", new File("krb5.keytab"));
  sgt = client.requestSgt(tgt, "HTTP/test.example.com");

} catch (KrbException e1) {

  e1.printStackTrace();

}

Incidentally, is there docs about configuring the client as I always
get (against a real KDC)

org.apache.kerby.kerberos.kerb.KrbException: null with error code:
KDC_ERR_ETYPE_NOSUPP

Which I'm guessing means I need to configure some settings for
supported encrption types.

Does Kerby cache SGTs?

Thanks,

Shane

Reply via email to