[jboss-user] [Security & JAAS/JBoss] - Re: JBoss on Windows XP, Kerberos MIT on unix, SPNEGO issue

darran.lofthouse@jboss.com do-not-reply at jboss.com
Wed Feb 18 09:45:04 EST 2009

I have to say so far this is not a scenario that I have worked with yet, most of my MIT KDC testing was using FreeIPA and only Linux server and client so I have not yet tried a Windows client with a Linux/MIT KDC.

So far from experience the easiest way to analyse this further would be to use a tool like wireshark to monitor the network traffic between the Windows machine and the Linux/MIT KDC.  At the point the web browser decides if it should trust the server it will send a TGS-REQ packet to the KDC and will trust the server if it gets a valid TGS-REP in response - using wireshark will let you double check what is being requested and what any failure message says.

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4211105#4211105

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4211105

More information about the jboss-user mailing list