Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Kerberos and JAAS tutorial - delegation

843811Feb 18 2003 — edited Mar 5 2003

Hi,

I searched for this answer in the archives and found some similar question, but no answer.

I have run most of the Kerberos JAAS tutorial with few problems. However, when I tried the delegation part of the "More things that you can do with java GSS-API and JAAS" section, I could not get it to work. I do not get any errors, but the credentials are not delegated from the client to the server. In fact, I do not even get an error when I do not specify DelegationPermission in the client policy file. I suspect I have overlooked something.

I am running SDK 1.4.1 on Linux. Any insight would be appreciated. Thanks,

Julio Garcia
Agilent Technologies, Inc.

843811

I answered my own question:

I needed to create a forwardable ticket with $JAVA_HOME/jre/bin/kinit (for some reason if I use the krb5 kinit I get java OutOfMemory exceptions). I then have to tell the client (through the config file) to use the cached ticket and things seem to work.

Julio Garcia
Agilent Technologies, Inc.

843811

Hi,

How do u tell that JAAS to obtain the forwardable TGT in the config file ? In which config file by the way?

Regards,CL

1 - 2

Locked Post

New comments cannot be posted to this locked post.

Locked on Apr 2 2003

Added on Feb 18 2003

#other-security-apis-tools-and-issues

2 comments

197 views

Java Security

Kerberos and JAAS tutorial - delegation

Comments

Post Details