3 Replies Latest reply: Dec 10, 2012 2:32 AM by EJP RSS

    Using JAAS to retrive ticket without providing a password


      I am trying to use JAAS in combination with SOAP. From what I understand, JAAS uses UDP (correct me if I am wrong) but that does not work for me because of some unique requirements, so right now the easy way should be to write a small SOAP client to send the username to the server where a JAAS login code is running, it will get the username and get the ticket to send it back via soap and so on.
      The problem is that JAAS needs the password to get me the ticket but sending the password would defeat the purpose of using kerberos, is there a way to do this without sending the password?
      for example
      Use the username to get the TGT then send it via soap to the client where he will use his password to get the information, then send the needed information via soap to the server again and so on