kerberos

问题 I am trying to use jakarta commons http client. Doing kerberos authentication to communicate with a server. Authentication always fails. On digging deeper I found out that the kerberos token header has carriage return line feed characters in it which is the root cause of the issue. Why does it have \r\n characters and why is that an issue? 回答1: \r\n characters in the kerberos token is an issue because \r is an HTTP control characters. That essentially means that the server only sees first

问题 I am trying to use jakarta commons http client. Doing kerberos authentication to communicate with a server. Authentication always fails. On digging deeper I found out that the kerberos token header has carriage return line feed characters in it which is the root cause of the issue. Why does it have \r\n characters and why is that an issue? 回答1: \r\n characters in the kerberos token is an issue because \r is an HTTP control characters. That essentially means that the server only sees first

问题 I'm building an application in an environment that's configured with Kerberos authentication. My application uses .NET's HttpClient to POST some data to an API hosted in IIS on a different server. GET requests seem to be working fine, but POSTs to the same service instantly implode with the following exception: System.Net.Http.HttpRequestException: Error while copying content to a stream. ---> System.IO.IOException: The read operation failed, see inner exception. ---> System.Net.WebException:

问题 I'm building an application in an environment that's configured with Kerberos authentication. My application uses .NET's HttpClient to POST some data to an API hosted in IIS on a different server. GET requests seem to be working fine, but POSTs to the same service instantly implode with the following exception: System.Net.Http.HttpRequestException: Error while copying content to a stream. ---> System.IO.IOException: The read operation failed, see inner exception. ---> System.Net.WebException:

问题 I'm trying to setup an internal website that will contact another backend service within the network on behalf of the user using a HttpWebRequest. I have to use Integrated Windows Authentication on the ASP.NET application as the backend system only supports this type of authentication. I'm able to setup IWA on the ASP.NET application, and it's using kerberos as I expect it to. However when the authentication is delegated to the backend system it doesn't work anymore. This is because the

问题 I'm trying to setup an internal website that will contact another backend service within the network on behalf of the user using a HttpWebRequest. I have to use Integrated Windows Authentication on the ASP.NET application as the backend system only supports this type of authentication. I'm able to setup IWA on the ASP.NET application, and it's using kerberos as I expect it to. However when the authentication is delegated to the backend system it doesn't work anymore. This is because the

问题 I'm using javamail to check an IMAP inbox, and at the moment I'm simply logging into the IMAP server by storing the username and password. Our security policy at work requires this to be kerberised however. I've been reading up on javamail, IMAP and kerberos, and some resources say it isn't possible, whilst others suggest it is possible. And unfortunately I couldn't find any examples showing how to connect via. kerberos. I was just wondering if anybody could confirm/deny whether it is

问题 Following are my environment details:- KDC Server : Windows Server 2012 Target machine : Windows 7 JDK Version : Oracle 1.8.0_121 (64 bit) I'm getting the following exception on running the Java's kinit command the on Windows 7 machine :- C:\Program Files\Java\jdk1.8.0_121\bin>kinit -k -t "C:\Program Files\Apache Software Foundation\Tomcat 8.0\conf\tomcat_ad.keytab" HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM Exception: krb_error 0 no supported default etypes for default_tkt_enctypes No

问题 I am obtaining a kerberos ticket with the following code: String client = "com.sun.security.jgss.krb5.initiate"; LoginContext lc = new LoginContext(client, new CallbackHandler() { @Override public void handle(Callback[] arg0) throws IOException, UnsupportedCallbackException { System.out.println("CB: " + arg0); } }); lc.login(); System.out.println("SUBJ: " + lc.getSubject()); This code works fine, I get a subject that shows my user ID. The problem I'm having is now I need to know whether the

问题 I'm using GSSAPI in Java in order to login to an LDAP server using Kerberos authentication. I'm a newbie to Kerberos, so I'm sorry if this is an obvious question, but I couldn't find anything clear enough on the internet. I perform the following steps: Define Login configuration by setting the system property "java.security.auth.login.config" to the configuration file path. Call LoginContext.login() with the name of the configuration and a self defined callback handler In case login succeeded