Java和Kerberos身份验证krb5.conf与System.setProperty [英] Java and Kerberos authentication krb5.conf versus System.setProperty

查看:1137
本文介绍了Java和Kerberos身份验证krb5.conf与System.setProperty的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

请帮我解决kerberos + Java问题。我有一个简单的Java程序,可以使用Kerberos对Windows Active Directory进行身份验证。以下java代码工作正常,没有任何问题,并打印为true -

Please help me on a kerberos+Java problem. I have a simple Java program to authenticate to a Windows Active Directory using Kerberos. The following java code works fine without any problems and prints true-

public class KerberosAuthenticator {
    public static void main(String[] args) {
        String jaasConfigFilePath = "/myDir/jaas.conf";

        System.setProperty("java.security.auth.login.config", jaasConfigFilePath);

        System.setProperty("java.security.krb5.realm", "ENG.TEST.COM");
        System.setProperty("java.security.krb5.kdc","winsvr2003r2.eng.test.com");

        boolean success = auth.KerberosAuthenticator.authenticate("testprincipal", "testpass");

        System.out.println(success);
    }
}

当我指定krb5.conf的路径时Bue文件而不是手动指定领域和kdc,它错误地说Null领域名称(601) - 未指定默认领域。以下是代码 -

Bue when I specify the path to the krb5.conf file instead of manually specifying the realm and kdc, it errors out saying "Null realm name (601) - default realm not specified". Following is the code-

public class KerberosAuthenticator {
    public static void main(String[] args) {
        String jaasConfigFilePath = "/myDir/jaas.conf";

        System.setProperty("java.security.auth.login.config", jaasConfigFilePath);

        String krb5ConfigFilePath = "/etc/krb5/krb5.conf";
        System.setProperty("java.security.krb5.conf", krb5ConfigFilePath);

        boolean success = auth.KerberosAuthenticator.authenticate("testprincipal", "testpass");

        System.out.println(success);
    }
}

krb5.conf的内容如下 -

The contents of krb5.conf is as follows-

[libdefault]
 default_realm = ENG.TEST.COM

[realms]
 ENG.TEST.COM = {
  kdc = winsvr2003r2.eng.test.com
  kpasswd_server = winsvr2003r2.eng.test.com
  admin_server = winsvr2003r2.eng.test.com
  kpasswd_protocol = SET_CHANGE
 }

[domain_realm]
 .eng.test.com = ENG.TEST.COM
 eng.test.com = ENG.TEST.COM
[logging]
 default = FILE:/var/krb5/kdc.log
 kdc = FILE:/var/krb5/kdc.log
 kdc_rotate = {
  period = 1d
  versions = 10
 }

[appdefaults]
 kinit = {
 renewable = true
 forwardable = true
 }


推荐答案

你的krb5.conf错了。它是 [libdefaults] ,而不是[libdefault]。

Your krb5.conf is wrong. It's [libdefaults], not [libdefault].

这篇关于Java和Kerberos身份验证krb5.conf与System.setProperty的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
Java开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆