You can refer to Java GSS tutorials for sample code: http://java.sun.com/j2se/1.5.0/docs/guide/security/jgss/tutorials/index.html
Please check if you have set the register key "allowtgtsessionkey" correctly.
Here is the location of the registry setting on Windows XP SP2:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\
Value Name: allowtgtsessionkey
Value Type: REG_DWORD
Value: 0x01
Seema
Bajpai, Atul wrote:
Hi all, I am trying to find a SSO solution for Java apps. My requirements are to
retrieve and use the currently logged in users credentials to
authenticate against Windows AD. After browsing through the mailing list
archives I was able to find some JAAS sample code to do this but I am
unable get the sample to behave that way. The sample app always prompts
for a username/password and never succeeds when I type in my own
username/pwd, I get a null[52] error. However when I use some of the
test id's that have been created they get authenticated. I also found
that XP SP2(which is what I have on my desktop) needs
"allowTGTSessionKey" in registry but that hasn't helped either. My .conf
file looks like this "com.sun.security.auth.module.Krb5LoginModule
required debug=true storeKey=true useTicketCache=true;". Appreciate all
the help I can get on this. Thanks.
Atul
------------------------------------------------------------------------ ------------------------- -------------------------
CONFIDENTIALITY AND SECURITY NOTICE
This e-mail contains information that may be confidential and proprietary. It is to be read and used solely by the intended
recipient(s). Citadel and its affiliates retain all proprietary rights they may have
in the information. If you are not an intended recipient, please notify us immediately either by reply e-mail or by telephone at 312-395-2100 and delete this e-mail (including any attachments hereto) immediately without reading, disseminating, distributing or copying. We cannot give any assurances that this e-mail and any attachments are free of viruses and other harmful code. Citadel reserves the right to monitor, intercept
and block all communications involving its computer systems.
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
