[jboss-dev-forums] [Design of Security on JBoss] - Cluster Aware Cache Policy for the Jaas Security Manager
anil.saldhana@jboss.com
do-not-reply at jboss.com
Thu Apr 26 12:28:55 EDT 2007
Some one mentioned about an issue with clustering and usage of Kerberos tickets. When a cluster node fails over to a new machine, a request coming in with a username and a kerberos ticket goes through the jaas framework and the GSS-API throws an error saying that the request is a replay attack.
The idea is that once a Kerberos setup has been performed with a service using the GSS api, the security cache needs to be the point of contact for the username.
Your thoughts/feedback?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4041084#4041084
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4041084
More information about the jboss-dev-forums
mailing list