This content has been marked as final. Show 4 replies
You could have the user's authenticate locally on the Fat Client using Krb5LoginModule to generate a KeyTab information. You can also do this from the command line by using kinit under the bin folder in your JRE.
This may not be the desired result, as they will be prompted for a username/password ~once every 24hrs.
If you are receiving encryption type errors in the AppServer logs, try to set the encryption type for the appServer Machine account to DES. See Microsoft KB article 305144.
wondering the same thing as DaGoldMan originally - is there some way of implementing SSO with Java with these newer Windows versions without having to set the allowtgtsessionkey? I don't feel so comfortable with messing up with clients registries...
I'd like to verificate the logged on Windows user withouth him/her having to enter any usernames/passwords and the JAAS/GSS -Kerberos SSO seems otherwise a pretty good solution. If somebody got some ideas how to do this with JAAS/GSS or something else, be welcome =)
hi, could someone please answer me this question:
if i DO set this parameter in the registry, what is the effect for my security? does it make the system more vulnerable and if yes: how and for what kind of attack?