[keycloak-user] Understanding "Server Principal" in Kerberos setup
Malte Finsterwalder
inofi at gmx.net
Thu Jul 6 13:19:35 EDT 2017
Hi there,
I'm trying to set up Keycloak to use Kerberos with Active Directory.
But I'm not sure, I understand the Server Principal correctly.
Keycloak is running on a server, that is reachable under
keycloak.some.domain.com
The Kerberos Realm is whatever.else.com
So is the Server Principal correctly specified as:
HTTP/keycloak.some.domain.com at whatever.else.com
Or more general HTTP/<CLIENT HOST>@<Kerberos Realm>
And is <Kerberos Realm> in the Server Principal always the same as stated
in "Kerberos Realm" in the admin ui?
And does case matter anywhere?
Greetings,
Malte
More information about the keycloak-user
mailing list