在不重新启动JVM的情况下重新加载JAVA中的Kerberos配置 [英] Reload Kerberos config in JAVA without restarting JVM
问题描述
以下代码用于使用Java + Kerberos对Windows AD服务器进行身份验证,并且工作正常-
The following code is for authenticating to a windows AD server using Java+Kerberos and it works fine-
public class KerberosAuthenticator {
public static void main(String[] args) {
String jaasConfigFilePath = "/myDir/jaas.conf";
System.setProperty("java.security.auth.login.config", jaasConfigFilePath);
String krb5ConfigFilePath = "/etc/krb5/krb5.conf";
System.setProperty("java.security.krb5.conf", krb5ConfigFilePath);
boolean success = auth.KerberosAuthenticator.authenticate("testprincipal", "testpass");
System.out.println(success);
}
}
以上只是一个测试程序.实际的代码将在tomcat Webapp中运行.我面临的问题是,如果krb5.conf文件发生更改,则如果使用较早版本的krb5.conf进行一次成功的身份验证,则tomcat中不会反映出同样的问题.新的更改仅反映在重新启动tomcat上.
The above is a just a test program. The actual code will run in a tomcat webapp. The problem I am facing is, if the krb5.conf file changes, the same is not reflected in the tomcat, if a successful authentication has already happened once with the earlier version of krb5.conf. The new changes reflect only on restart of tomcat.
我想知道是否有一种方法可以指定JVM重新加载krb5.conf,以便它在不重新启动JVM的情况下获得最新的更改.
I want to know if there is a way to specify the JVM to reload the krb5.conf so that it gets the latest changes without restarting the JVM.
推荐答案
refreshKrb5Config=true
应该在jaas.conf中设置为KRB5LoginModule.
refreshKrb5Config=true
should be set for the KRB5LoginModule in jaas.conf.
这篇关于在不重新启动JVM的情况下重新加载JAVA中的Kerberos配置的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!