kerberos

问题 I have a java server and client applications. These applications are working on windows machines. Client login on server using kerberos authentication. It's implemented using jgssapi. At first the client retrieve stored cached tgt ticket from the system to generate token from kdc. The problem is - after locking user session in windows (lock screen or change a user) there's no cached tgt tickets in system (checked by C:\Windows\System32\klist.exe). And as I understand I just can get them by

问题 I'm using git repo with git-http-backend. In apache2 I have location what needs authentication for clone and push actions. When I protected it location with AuthType Basic all works is fine, git passes authentication and can clone and push, but if I change type to KerberosV5 git can't access to repo with correctly credentials. If I'm using my browser I have access to location what to protect kerberos. git clone http://user@mydomain.com/git/myapp.git Initialized empty Git repository in /tmp

问题 Hi I am trying to write a java client for secure hbase. I want to do kinit also from code itself for that i`m using the usergroup information class. Can anyone point out where am I going wrong here? this is the main method that Im trying to connect o hbase from. I have to add the configuration in the CONfiguration object rather than using the xml, because the client can be located anywhere. Please see the code below: public static void main(String [] args) { try { System.setProperty

问题 Hi I am trying to write a java client for secure hbase. I want to do kinit also from code itself for that i`m using the usergroup information class. Can anyone point out where am I going wrong here? this is the main method that Im trying to connect o hbase from. I have to add the configuration in the CONfiguration object rather than using the xml, because the client can be located anywhere. Please see the code below: public static void main(String [] args) { try { System.setProperty

问题 I am trying to authenticate users with kerberos in Symfony2 but I'm a little lost on the way. When the user is authenticated,the Apache server returns the $ _SERVER ['REMOTE_USER'] variable, giving me his username. I can recover this value : $request = Request::createFromGlobals(); $user = $request->server->get('REMOTE_USER'); But how to tell Symfony to authenticate the user just with this value ? No password is required. I hesitate between create a custom authentication provider or create a

问题 I’m trying to make Kerberos authentication connection to a SOAP service wsdl url. I’m able to establish connection successfully and make service calls. After I start my server, I’m able to make successful service call at least once. However after few requests (1 or more ), I suddenly get invalid token error. Once I get the error, future calls do not work and error persists. IF I restart my server, then again service call works at least once. And above cycle continues. I’m unable to figure out

问题 I’m trying to make Kerberos authentication connection to a SOAP service wsdl url. I’m able to establish connection successfully and make service calls. After I start my server, I’m able to make successful service call at least once. However after few requests (1 or more ), I suddenly get invalid token error. Once I get the error, future calls do not work and error persists. IF I restart my server, then again service call works at least once. And above cycle continues. I’m unable to figure out

问题 The following code is for authenticating to a windows AD server using Java+Kerberos and it works fine- public class KerberosAuthenticator { public static void main(String[] args) { String jaasConfigFilePath = "/myDir/jaas.conf"; System.setProperty("java.security.auth.login.config", jaasConfigFilePath); String krb5ConfigFilePath = "/etc/krb5/krb5.conf"; System.setProperty("java.security.krb5.conf", krb5ConfigFilePath); boolean success = auth.KerberosAuthenticator.authenticate("testprincipal",

问题 I have a site running in IIS 7.5 that is accessed using a DNS alias different from the actual server name. In IE 8, integrated authentication is failing, but in Firefox and Chrome everything works fine. (IE presents a credential challenge a few times, then displays a 401.1 error page.) I have figured out that this is due to IE using Kerberos (aka "Negotiate") over NTLM, and Kerberos requires registering a Service Principal Name (using SETSPN) so that the mismatch between the DNS name and the

问题 My application is a stand-alone Swing client invoking EJB Stateless Session beans thanks to classical JNDI lookup and RMI-IIOP method calls. It is started as a Java WebStart application. My aim is to retrieve the client user's identity from EJBContext with getCallerPrincipal method thanks to Kerberos SSO between the Windows workstation, ActiveDirectory and WebSphere server running on Linux. I have already successfully configured my WebSphere cell in network deployment mode to support Kerberos