OK, I've gotten Kerberos to work in our environment. It's shockingly easy; here are the steps I went through:
* Build a JAAS app that'll test a krb login. I found and modified someone's test app for my purposes; my modified copy is up online. You'll need the Java source and a context configuration file. Put them in the same directory.
* Compile KrbTester.java and run it:
Code:
javac KrbTester.java
java -Djava.security.auth.login.config=kerberos.conf KrbTester <username> <password>
# If that doesn't work, you may need to specify a realm and kdc:
java -Djava.security.krb5.kdc=kdc.your.realm -Djava.security.krb5.realm=YOUR.REALM -Djava.security.auth.login.config=kerberos.conf KrbTester <username> <password>
* The KDC and realm data can be found in /etc/krb5.conf on at least some Linux systems.
* We seem to be set up so my username can just be my username; you may need to use username@YOUR.REALM instead.
* Once this gives you a shiny Kerberos ticket, copy kerberos.conf into your pipeline directory and run the pipeline server with the same -D parameters you were using for KrbTester.
* Finally, connect to the server. The same username and password that got you a KrbTester ticket should get you in to the server.
Success!
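
Added example, not part of the original post and not the poster's KrbTester: a JAAS login tester that prompts for the password on the console instead of taking it as an argument, since command-line arguments are visible in the process list and shell history. The class name `KrbPromptTester` and the JAAS entry name `KrbLogin` are assumptions; the entry name must match whatever your kerberos.conf defines.

```java
import java.io.Console;
import java.util.Arrays;
import javax.security.auth.callback.*;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

// Assumed kerberos.conf (JAAS login configuration; the entry name is hypothetical):
//   KrbLogin {
//     com.sun.security.auth.module.Krb5LoginModule required;
//   };
public class KrbPromptTester {
    public static void main(String[] args) {
        Console console = System.console();
        if (args.length != 1 || console == null) {
            System.err.println("usage: KrbPromptTester <username>  (needs an interactive console)");
            System.exit(2);
        }
        final String user = args[0];
        // readPassword disables echo and returns null on end of input.
        final char[] password = console.readPassword("Password for %s: ", user);
        if (password == null) {
            System.exit(2);
        }
        // Krb5LoginModule asks for the name and password through these callbacks.
        CallbackHandler handler = callbacks -> {
            for (Callback cb : callbacks) {
                if (cb instanceof NameCallback) {
                    ((NameCallback) cb).setName(user);
                } else if (cb instanceof PasswordCallback) {
                    ((PasswordCallback) cb).setPassword(password); // stores its own copy
                } else {
                    throw new UnsupportedCallbackException(cb);
                }
            }
        };
        int status = 0;
        try {
            LoginContext lc = new LoginContext("KrbLogin", handler);
            lc.login(); // contacts the KDC; throws LoginException on failure
            System.out.println("Authenticated as: " + lc.getSubject().getPrincipals());
            lc.logout(); // discard the credentials obtained for this test
        } catch (LoginException e) {
            System.err.println("Kerberos login failed: " + e.getMessage());
            status = 1;
        } finally {
            Arrays.fill(password, '\0'); // wipe our copy of the password
        }
        System.exit(status);
    }
}
```

It takes the same -D parameters as the commands in the post, with only the username as an argument.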