jgss

Running a Java app using JAAS i got a surprising effect: The Java client-application wasn't able to access windows LSA, until i installed the MIT Kerberos tool 'kfw-4.0.1-i386.msi' ? The JAAS conf file settings: WEBSTART_CLIENT_CONTEXT { com.sun.security.auth.module.Krb5LoginModule required useTicketCache=true renewTGT=true doNotPrompt=false debug=true; } Running Java 1.8 on Windows 7 I got the logging using -Dsun.security.krb5.debug=true left without MIT tool installed, fails right with the MIT tool installed, succeeds I tried setting the registry key HKEY_LOCAL_MACHINE\System

From http://java.sun.com/developer/technicalArticles/J2SE/security/#3 : Note: These two system properties are ignored when applications run on operating systems that do not yet support this feature, for example, MS Windows. That document is from 2006, so things could have changed but I've not found a definitive answer. I would like to know if the latest release of Sun Java 6 for Windows support native GSS today (to get the TGT without tinkering with the registry). Nope From http://hg.openjdk.java.net/jdk6/jdk6-gate/jdk/file/78235ae077a1/src/share/classes/sun/security/jgss/GSSManagerImpl.java

I have a java server and client applications. These applications are working on windows machines. Client login on server using kerberos authentication. It's implemented using jgssapi. At first the client retrieve stored cached tgt ticket from the system to generate token from kdc. The problem is - after locking user session in windows (lock screen or change a user) there's no cached tgt tickets in system (checked by C:\Windows\System32\klist.exe). And as I understand I just can get them by log off/log on user on the computer. This problem happened to me at customer machines. After locking

I’m trying to make Kerberos authentication connection to a SOAP service wsdl url. I’m able to establish connection successfully and make service calls. After I start my server, I’m able to make successful service call at least once. However after few requests (1 or more ), I suddenly get invalid token error. Once I get the error, future calls do not work and error persists. IF I restart my server, then again service call works at least once. And above cycle continues. I’m unable to figure out why suddenly token gets invalid, though it worked earlier. And restarting server makes token valid