当前位置:theitroad>Java 和 Kerberos 身份验证 krb5.conf 与 System.setProperty

Java 和 Kerberos 身份验证 krb5.conf 与 System.setProperty

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/1431999/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-08-12 12:00:01  来源:igfitidea点击:

Java and Kerberos authentication krb5.conf versus System.setProperty

javakerberosjaas

提问by Keshav

Please help me on a kerberos+Java problem. I have a simple Java program to authenticate to a Windows Active Directory using Kerberos. The following java code works fine without any problems and prints true-

请帮助我解决 kerberos+Java 问题。我有一个简单的 Java 程序来使用 Kerberos 对 Windows Active Directory 进行身份验证。以下 java 代码工作正常,没有任何问题并打印 true-

public class KerberosAuthenticator {
    public static void main(String[] args) {
        String jaasConfigFilePath = "/myDir/jaas.conf";

        System.setProperty("java.security.auth.login.config", jaasConfigFilePath);

        System.setProperty("java.security.krb5.realm", "ENG.TEST.COM");
        System.setProperty("java.security.krb5.kdc","winsvr2003r2.eng.test.com");

        boolean success = auth.KerberosAuthenticator.authenticate("testprincipal", "testpass");

        System.out.println(success);
    }
}

Bue when I specify the path to the krb5.conf file instead of manually specifying the realm and kdc, it errors out saying "Null realm name (601) - default realm not specified". Following is the code-

但是,当我指定 krb5.conf 文件的路径而不是手动指定领域和 kdc 时,它会出错说“空领域名称 (601) - 未指定默认领域”。以下是代码-

public class KerberosAuthenticator {
    public static void main(String[] args) {
        String jaasConfigFilePath = "/myDir/jaas.conf";

        System.setProperty("java.security.auth.login.config", jaasConfigFilePath);

        String krb5ConfigFilePath = "/etc/krb5/krb5.conf";
        System.setProperty("java.security.krb5.conf", krb5ConfigFilePath);

        boolean success = auth.KerberosAuthenticator.authenticate("testprincipal", "testpass");

        System.out.println(success);
    }
}

The contents of krb5.conf is as follows-

krb5.conf 的内容如下——

[libdefault]
 default_realm = ENG.TEST.COM

[realms]
 ENG.TEST.COM = {
  kdc = winsvr2003r2.eng.test.com
  kpasswd_server = winsvr2003r2.eng.test.com
  admin_server = winsvr2003r2.eng.test.com
  kpasswd_protocol = SET_CHANGE
 }

[domain_realm]
 .eng.test.com = ENG.TEST.COM
 eng.test.com = ENG.TEST.COM
[logging]
 default = FILE:/var/krb5/kdc.log
 kdc = FILE:/var/krb5/kdc.log
 kdc_rotate = {
  period = 1d
  versions = 10
 }

[appdefaults]
 kinit = {
 renewable = true
 forwardable = true
 }

采纳答案by ZZ Coder

Your krb5.conf is wrong. It's [libdefaults], not [libdefault].

你的 krb5.conf 是错误的。它是[libdefaults],而不是 [libdefault]。

相关推荐

C++ 和 Java 中字符串的区别

C++ 和 Java 中字符串的区别

Java Google 协议缓冲区和 HTTP

Java Google 协议缓冲区和 HTTP

如何检查计算机上是否安装了java

如何检查计算机上是否安装了java

如何使用 Java 中的 Scanner 将输入值存储在数组中

如何使用 Java 中的 Scanner 将输入值存储在数组中

相关推荐
最近更新
标签