Advertisement
ILyaCyclone

Untitled

Aug 14th, 2017
263
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.98 KB | None | 0 0
  1. As far as I know, kinit uses C:\Windows\krb5.ini by default.
  2. ---------------------------------------------------------
  3. C:\Windows\krb5.ini:
  4. [libdefaults]
  5. default_realm = GLOBAL.LPL.TOP
  6. default_keytab_name = FILE:C:\tomcat3.keytab
  7. #default_tkt_enctypes = rc4-hmac,aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha1-96
  8. #default_tgs_enctypes = rc4-hmac,aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha1-96
  9. forwardable=true
  10.  
  11. [realms]
  12. GLOBAL.LPL.TOP = {
  13. kdc = cdc.global.lpl.top:88
  14. }
  15.  
  16. [domain_realm]
  17. global.lpl.top = GLOBAL.LPL.TOP
  18. .global.lpl.top = GLOBAL.LPL.TOP
  19.  
  20. ---------------------------------------------------------
  21. HelloKDC.java values:
  22. final String username = "tomcatuser"; // Domain (pre-authentication) account
  23. final String password = "tomcatuserpassword";
  24. final String krbfile = "C:\\HelloKDC\\krb5.conf"; // Name of our krb5 config file
  25. final String loginfile = "C:\\HelloKDC\\login.conf"; // Name of our login config file
  26. final String module = "spnego-client"; // Name of our login module
  27.  
  28. ---------------------------------------------------------
  29. C:\HelloKDC\krb5.conf is similar to C:\Windows\krb5.ini
  30.  
  31. ---------------------------------------------------------
  32. C:\HelloKDC\login.conf:
  33. spnego-client {
  34. com.sun.security.auth.module.Krb5LoginModule required;
  35. };
  36.  
  37. ---------------------------------------------------------
  38. HelloKDC output
  39.  
  40. C:\HelloKDC>jdk1.7.0_79\bin\java HelloKDC
  41. Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt tru
  42. e ticketCache is null isInitiator true KeyTab is C:/tomcat3.keytab refreshKrb5Config is false principal is HTTP/tomcatserver.global.lpl.top@GLOBAL.LPL.TOP tryFirstPass is false useFirstPass is false s
  43. torePass is false clearPass is false
  44. [Krb5LoginModule] authentication failed
  45. Client not found in Kerberos database (6)
  46. Exception in thread "main" javax.security.auth.login.LoginException: Client notfound in Kerberos database (6)
  47. Caused by: KrbException: Identifier doesn't match expected value
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement