[jboss-user] [Security & JAAS/JBoss] - Re: Minimal JBoss config to use GSSAPI/Kerberos acceptSecCon
chriscorbell
do-not-reply at jboss.com
Thu Mar 5 17:41:15 EST 2009
On Windows, the LoginContext loaded from the login-config.xml does in fact appear to be valid, even if it does not perform the same debug logging.
The LoginContext login() method also succeeds (this for a Krb5LoginModule configured with a local keyTab file).
However, the downstream GSSAPI calls do not seem to "know about" this. I can't explicitly create a GSSCredential with the service principal used in the login context, nor can I pass null to GSSManager.createContext() - in both cases I get
[GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos Key)]
Can anyone shed any light on the relation between upstream LoginContext login() and downstream GSSAPI calls, particularly on differences between running on Windows and POSIX (in my case, Mac OS X)? Or suggest anything else that might be required to make this work on Windows?
TIA,
Chris
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4215499#4215499
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4215499
More information about the jboss-user
mailing list