Using JAAS to retrive ticket without providing a password

978809 Dec 9, 2012 12:12 PM

Hi

I am trying to use JAAS in combination with SOAP. From what I understand, JAAS uses UDP (correct me if I am wrong) but that does not work for me because of some unique requirements, so right now the easy way should be to write a small SOAP client to send the username to the server where a JAAS login code is running, it will get the username and get the ticket to send it back via soap and so on.
The problem is that JAAS needs the password to get me the ticket but sending the password would defeat the purpose of using kerberos, is there a way to do this without sending the password?
for example
Use the username to get the TGT then send it via soap to the client where he will use his password to get the information, then send the needed information via soap to the server again and so on

Thanks

1. Re: Using JAAS to retrive ticket without providing a password

EJP Dec 9, 2012 7:24 PM (in response to 978809)

From what I understand, JAAS uses UDP (correct me if I am wrong)
You are wrong. JAAS doesn't use UDP. It doesn't do any networking at all. It is an API framework.
but that does not work for me because of some unique requirements
So you now need to review that decision.
Like Show 0 Likes(0)

Actions
2. Re: Using JAAS to retrive ticket without providing a password

978809 Dec 10, 2012 7:05 AM (in response to EJP)

Thanks for the reply

When I run this code

loginCtx = new LoginContext( "Client",
new LoginCallbackHandler( username, password));

which uses this package import javax.security.auth.login.LoginContext;

It starts connecting to kerberos and I see it mentioning UDP ports in the console, I thought this was part of JAAS but it seems I was mistaken, that is not a problem now
So the question now is, is there a way to get SOAP in between the client and the kerberos without sending the username and password?
Like Show 0 Likes(0)

Actions
3. Re: Using JAAS to retrive ticket without providing a password

EJP Dec 10, 2012 8:32 AM (in response to 978809)

You need to do some basic reading about JAAS. Your question is too large to be answered here.
Like Show 0 Likes(0)

Actions

Go to original post