Revision 1 as of 2015-04-24 21:36:22

Kerberos

Kerberos Active Directory

set | grep -i logon # get logon server on windows

http://docs.oracle.com/javase/7/docs/technotes/guides/security/jgss/tutorials/KerberosReq.html

System properties:

java.security.auth.login.config
java.security.krb5.realm
java.security.krb5.kdc
java.security.krb5.debug

If you set values for these properties, then they override the default realm and KDC values specified in krb5.conf.

Classes:

javax.security.auth.callback.CallbackHandler
javax.security.auth.login.LoginContext
com.sun.security.auth.module.Krb5LoginModule

Sample JAAS config

http://www.javaranch.com/journal/2008/04/authentication-using-JAAS.html

RanchLogin { com.javaranch.auth.RanchLoginModule required; };

LoginModule

http://www.avajava.com/tutorials/lessons/how-do-i-create-a-login-module.html

LoginContext lc = new LoginContext("Test", new TestCallbackHandler(name, password));
//...
public class TestLoginModule implements LoginModule {
}

Test {
   test.TestLoginModule required testOption=here_is_an_option;
};