Hi everyone, I've been playing with smart cards and faced some issues. Long story short:
*Prerequisites*: - I set up a basic Kerberos realm via Windows Active Directory. - I managed to successfully login into service via *login/password* pair using Java Kerberos(Krb5LoginModule), which is provided via JAAS. Now I try to implement Kerberos login via smart card. Smart card preauthentication in Kerberos is done via AS-REQ/AS-REP messages ( PA-PK-AS-REQ/P extensions). Unfortunately, JAAS Kerberos hasn't used the smartcard. As far as I have seen, there were no PA-PK-AS-REQ/P extensions in openjdk sources. Maybe, I missed something. *Question*: 1. Does Java Kerberos support smart card preauthentication out of the box? 2. If it doesn't, can I somehow extends existing Kerberos module or should I implement whole Kerberos from the ground up? Thanks in advance, Ostap Andrusiv web: http://andrusiv.com skype: ostap.andrusiv ::p!F