0 Replies Latest reply on Mar 23, 2011 2:22 PM by 826817

    [appdefaults] section of Kerberos configuration file


      I'm developing a kerberized application which is supposed to be deployed through WebStart, and, therefore, cannot have application-specific krb5.conf file (as far as I understand it). Next, the application has to use des-cbc-md5 encryption. So, if no Kerberos configuration file is provided, this encryption type is used by default. But what if client box has machine-specific Kerberos configuration file (f.x. C:\Windows\krb5.ini) and encryption types list there is configured to prevent using des-cbc-md5?

      Looking through krb5.conf man page I have noticed [appdefaults] section, which is said to contain "default values that can be used by Kerberos V5 applications". Having googled, I found several examples where this section is used to configure telnet, kinit, pam and so on. But the question is: can I use it to set my application-specific Kerberos settings? What should I do to make Java use some value from [appdefaults] section instead of[libdefaults] one based on the name of my application?

      Thanks in advance.