[jboss-user] Kerberos authentication with JBoss on Linux
Dion Rowney
dion_rowney at hotmail.com
Thu May 17 11:13:11 EDT 2007
Hi,
I am setting up CAS and want to authenticate against our Kerberos domain.
I have determined that CAS' authentication mechanism uses the
login-config.xml policies and arrives at "other".
I have tried the textfile basic auth and it works.
I was hoping to use the built in Sun Kerberos authentication but it can seem
to find it. Here is my config file and the error I get in the logs. Does
anyone know how to make this work?
login-config.xml:
<application-policy name = "other">
<authentication>
<login-module code = "com.sun.security.auth.module.Krb5LoginModule" flag =
"required">
<module-option name = "debug">true</module-option>
<module-option name =
"principal">HTTP/examplehost.yourdomain.com at YOURWINDOWSDOMAIN.COM</module-option>
<module-option name = "kdc">adserverhostname</module-option>
<module-option name = "realm">YOURWINDOWSDOMAIN.COM</module-option>
<module-option name = "storeKey">true</module-option>
<module-option name = "useKeyTab">true</module-option>
<module-option name = "doNotPrompt">true</module-option>
<module-option name =
"keyTab">/home/contelligent/contell.host.keytab</module-option>
</login-module>
</authentication>
</application-policy>
server.log:
2007-05-16 12:17:39,824 ERROR [STDERR]
javax.security.auth.login.LoginException: unable to find LoginModule class:
com.sun.security.auth.module.Krb5LoginModule
Thanks.
_________________________________________________________________
Windows Live Hotmail. Now with better security, storage and features.
www.newhotmail.ca?icid=WLHMENCA149
More information about the jboss-user
mailing list