Kerberos SSO implemented using Java

Question

Kerberos SSO implemented using Java

I am trying to create a JAVA program that will get my Windows user credentials, then connect to kerberos in my unix block and authenticate and allow me to use the service, for example, for an LDAP server.

All the examples that I found, as a rule, run, ask me for my password, I do not want this - I want to be able to run the program and "if in the manner" im Kerberos is authenticated.

Any links and an example are welcome.

+3

java windows-xp kerberos gssapi single-sign-on

owain Feb 08 '11 at 17:01

source share

1 answer

JayTee · Answer 1 · 2012-05-18T13:35:41+0000

We successfully configured SSO using Kerberos with the Java EE application and authenticating with Windows Active Directory after many weeks of testing and web scanning.

JBOSS Negotiation Spring Kerberos . , . ...

Active Directory.
ktpass keytab . ( ktpass, )
setspn -A ktpass.
, krb5.conf(linux) krb5.ini() .
, , .
, .
Kerberos kinit JDK.
- .
XML - , .
!!!!!!!!!
Spring, UserDetailsService LDAP ( ) .
: = null.

ktpass:

, , Active Directory.
, .
, keytab.
, KRB5_NT_PRINCIPAL.
ktpass /out c:\service.keytab /mapuser userservice@TESTDOMAIN.SERVER.COM /princ HTTP/hostname@TESTDOMAIN.SERVER.COM /pass /ptype KRB5_NT_PRINCIPAL
setspn -A : setspn –A HTTP/hostname.testdomain.server.com userservice
RESET ( keytab).

, kinit .

, SPN ! setspn -X Windows Server 2008 ( google script), , !

, - , .

Kerberos SSO implemented using Java

More articles: