jgss

GSSContext with null SrcName

给你一囗甜甜゛ 提交于 2019-12-29 07:01:30
问题 I'm working a web appliaction with SSO based on the Windows domain login, for this purpose I have chosen to validate Kerberos tickets. But now I'm facing a problem for which I can't find a solution. I manage to validate a ticket without exceptions, but when I'm trying to get the userName, NullPointerException is thrown, because the username is null and I don't know where is problem. Why is user name null if I don't get any exception during the validation? How I get userName: String clientName

Kerberos cached ticket on windows machine not regenerated after user unlock

不打扰是莪最后的温柔 提交于 2019-12-20 07:58:47
问题 I have a java server and client applications. These applications are working on windows machines. Client login on server using kerberos authentication. It's implemented using jgssapi. At first the client retrieve stored cached tgt ticket from the system to generate token from kdc. The problem is - after locking user session in windows (lock screen or change a user) there's no cached tgt tickets in system (checked by C:\Windows\System32\klist.exe). And as I understand I just can get them by

Kerberos error: GSSHeader did not find the right tag

喜你入骨 提交于 2019-12-18 20:11:28
问题 I’m trying to make Kerberos authentication connection to a SOAP service wsdl url. I’m able to establish connection successfully and make service calls. After I start my server, I’m able to make successful service call at least once. However after few requests (1 or more ), I suddenly get invalid token error. Once I get the error, future calls do not work and error persists. IF I restart my server, then again service call works at least once. And above cycle continues. I’m unable to figure out

Kerberos error: GSSHeader did not find the right tag

ⅰ亾dé卋堺 提交于 2019-12-18 20:11:27
问题 I’m trying to make Kerberos authentication connection to a SOAP service wsdl url. I’m able to establish connection successfully and make service calls. After I start my server, I’m able to make successful service call at least once. However after few requests (1 or more ), I suddenly get invalid token error. Once I get the error, future calls do not work and error persists. IF I restart my server, then again service call works at least once. And above cycle continues. I’m unable to figure out

MIT Kerberos tool makes JAAS able to access the Windows LSA? How to do it without the tool

房东的猫 提交于 2019-12-08 20:01:36
Running a Java app using JAAS i got a surprising effect: The Java client-application wasn't able to access windows LSA, until i installed the MIT Kerberos tool 'kfw-4.0.1-i386.msi' ? The JAAS conf file settings: WEBSTART_CLIENT_CONTEXT { com.sun.security.auth.module.Krb5LoginModule required useTicketCache=true renewTGT=true doNotPrompt=false debug=true; } Running Java 1.8 on Windows 7 I got the logging using -Dsun.security.krb5.debug=true left without MIT tool installed, fails right with the MIT tool installed, succeeds I tried setting the registry key HKEY_LOCAL_MACHINE\System

MIT Kerberos tool makes JAAS able to access the Windows LSA? How to do it without the tool

送分小仙女□ 提交于 2019-12-08 08:24:28
问题 Running a Java app using JAAS i got a surprising effect: The Java client-application wasn't able to access windows LSA, until i installed the MIT Kerberos tool 'kfw-4.0.1-i386.msi' ? The JAAS conf file settings: WEBSTART_CLIENT_CONTEXT { com.sun.security.auth.module.Krb5LoginModule required useTicketCache=true renewTGT=true doNotPrompt=false debug=true; } Running Java 1.8 on Windows 7 I got the logging using -Dsun.security.krb5.debug=true left without MIT tool installed, fails right with the

Windows support of native GSS-API in Java 6

感情迁移 提交于 2019-12-04 17:42:14
问题 From http://java.sun.com/developer/technicalArticles/J2SE/security/#3: Note: These two system properties are ignored when applications run on operating systems that do not yet support this feature, for example, MS Windows. That document is from 2006, so things could have changed but I've not found a definitive answer. I would like to know if the latest release of Sun Java 6 for Windows support native GSS today (to get the TGT without tinkering with the registry). 回答1: Nope From http://hg

Windows support of native GSS-API in Java 6

牧云@^-^@ 提交于 2019-12-03 11:50:35
From http://java.sun.com/developer/technicalArticles/J2SE/security/#3 : Note: These two system properties are ignored when applications run on operating systems that do not yet support this feature, for example, MS Windows. That document is from 2006, so things could have changed but I've not found a definitive answer. I would like to know if the latest release of Sun Java 6 for Windows support native GSS today (to get the TGT without tinkering with the registry). Nope From http://hg.openjdk.java.net/jdk6/jdk6-gate/jdk/file/78235ae077a1/src/share/classes/sun/security/jgss/GSSManagerImpl.java

Kerberos cached ticket on windows machine not regenerated after user unlock

这一生的挚爱 提交于 2019-12-02 13:12:27
I have a java server and client applications. These applications are working on windows machines. Client login on server using kerberos authentication. It's implemented using jgssapi. At first the client retrieve stored cached tgt ticket from the system to generate token from kdc. The problem is - after locking user session in windows (lock screen or change a user) there's no cached tgt tickets in system (checked by C:\Windows\System32\klist.exe). And as I understand I just can get them by log off/log on user on the computer. This problem happened to me at customer machines. After locking

Kerberos error: GSSHeader did not find the right tag

大憨熊 提交于 2019-11-30 18:56:09
I’m trying to make Kerberos authentication connection to a SOAP service wsdl url. I’m able to establish connection successfully and make service calls. After I start my server, I’m able to make successful service call at least once. However after few requests (1 or more ), I suddenly get invalid token error. Once I get the error, future calls do not work and error persists. IF I restart my server, then again service call works at least once. And above cycle continues. I’m unable to figure out why suddenly token gets invalid, though it worked earlier. And restarting server makes token valid