Hi, I’m an PMC member of Apache Syncope[1]. We are building a new connector bundle for Connid[2] that needs to connect with FreeIpa server.
The connector bundle use JSON-RPC to communicate with the server that is protected by Kerberos. We followed this guide (http://cxf.apache.org/docs/jaxrs-kerberos.html) but the connector not negotiate with Kerberos WebClient wc = WebClient.create("https://olmo.example.com/ipa/json";); WebClient.getConfig(wc).getHttpConduit().setTlsClientParameters(clientParameters()); AuthorizationPolicy policy = new AuthorizationPolicy(); policy.setAuthorizationType("Negotiate"); policy.setAuthorization(KEYTAB_CONF); KerberosAuthOutInterceptor kbInterceptor = new KerberosAuthOutInterceptor(); kbInterceptor.setPolicy(policy); kbInterceptor.setRealm(“EXAMPLE.COM"); kbInterceptor.setServicePrincipalName("ldap/olmo.example.com"); kbInterceptor.setCredDelegation(true); WebClient.getConfig(wc).getOutInterceptors().add(kbInterceptor); I try a lot of other configuration without success, have you any suggestion? If we run with curl it works. Regards M [1] http://syncope.apache.org/ [2] http://tirasa.github.io/ConnId/ -- Dott. Marco Di Sabatino Di Diodoro Tel. +39 3939065570 Tirasa S.r.l. Viale D'Annunzio 267 - 65127 Pescara Tel +39 0859116307 / FAX +39 0859111173 http://www.tirasa.net Apache Syncope PMC Member http://people.apache.org/~mdisabatino/
