[jacorb-developer] demo/sas kerberos-demo
Jürgen Weber
juergen at jwi.de
Sun Sep 1 20:07:38 CEST 2019
Hi,
I tried the demo/sas kerberos-demo and got it running.
The README is a bit terse, maybe this is interesting for some:
I set up Heimdal on a FreeBSD 12 box as described in the docs (first
do pkg inst heimdal):
https://www.freebsd.org/doc/handbook/kerberos5.html
(replace myserver.example.org at EXAMPLE.ORG with an existing domain + hostname)
with kinit add a JacORB Client User Principal:
add weberjn
weberjn at EXAMPLE.ORG's Password: xxx
Verifying - weberjn at EXAMPLE.ORG's Password: xxx
add a Service Principal for JacORB:
add --random-key jacorb.sasdemo/myserver.example.org
export this Principal into a keytab file:
ext_keytab --keytab=jacorb.sasdemo.keytab
jacorb.sasdemo/myserver.example.org at EXAMPLE.ORG
copy and chown this file to ~/krb5.keytab
change the Server LoginModule definition to use the keytab:
src/main/resources/SAS.login
KerberosService
{
// com.sun.security.auth.module.Krb5LoginModule required
storeKey=true principal="${principal}" debug=true;
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=true storeKey=true principal="${principal}" debug=true;
};
run the demo with Service Principal, User Principal and User password:
mvn install -Pkerberos-demo
-Dprincipal=jacorb.sasdemo/myserver.example.org at EXAMPLE.ORG
-Dusername=weberjn at EXAMPLE.ORG -Dpassword=xxx
Have fun,
Jürgen
More information about the jacorb-developer
mailing list