在不重新启动JVM的情况下重新加载JAVA中的Kerberos配置 [英] Reload Kerberos config in JAVA without restarting JVM

问题描述

以下代码用于使用Java + Kerberos对Windows AD服务器进行身份验证，并且工作正常-

The following code is for authenticating to a windows AD server using Java+Kerberos and it works fine-

public class KerberosAuthenticator {
  public static void main(String[] args) {
    String jaasConfigFilePath = "/myDir/jaas.conf";

    System.setProperty("java.security.auth.login.config", jaasConfigFilePath);

    String krb5ConfigFilePath = "/etc/krb5/krb5.conf";
    System.setProperty("java.security.krb5.conf", krb5ConfigFilePath);

    boolean success = auth.KerberosAuthenticator.authenticate("testprincipal", "testpass");

    System.out.println(success);
}
}

以上只是一个测试程序.实际的代码将在tomcat Webapp中运行.我面临的问题是，如果krb5.conf文件发生更改，则如果使用较早版本的krb5.conf进行一次成功的身份验证，则tomcat中不会反映出同样的问题.新的更改仅反映在重新启动tomcat上.

The above is a just a test program. The actual code will run in a tomcat webapp. The problem I am facing is, if the krb5.conf file changes, the same is not reflected in the tomcat, if a successful authentication has already happened once with the earlier version of krb5.conf. The new changes reflect only on restart of tomcat.

我想知道是否有一种方法可以指定JVM重新加载krb5.conf，以便它在不重新启动JVM的情况下获得最新的更改.

I want to know if there is a way to specify the JVM to reload the krb5.conf so that it gets the latest changes without restarting the JVM.

推荐答案

refreshKrb5Config=true应该在jaas.conf中设置为KRB5LoginModule.

refreshKrb5Config=true should be set for the KRB5LoginModule in jaas.conf.

这篇关于在不重新启动JVM的情况下重新加载JAVA中的Kerberos配置的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！