[30239] in Kerberos
RE: Java GSSAPI Kerberos question
daemon@ATHENA.MIT.EDU (Melissa Collins)
Mon Aug 25 07:48:11 2008
X-Envelope-From: melissa.collins@vordel.com
X-MDaemon-Deliver-To: kerberos@mit.edu
From: "Melissa Collins" <melissa.collins@vordel.com>
To: "'Danny Cho'" <dsycho@gmail.com>, <kerberos@mit.edu>
Date: Mon, 25 Aug 2008 12:44:15 +0100
Message-ID: <000c01c906a7$e6fa7ad0$2300a8c0@vordel.com>
MIME-Version: 1.0
In-Reply-To: <e19694910808221715u781522c2r8a847c006d9db745@mail.gmail.com>
Reply-To: melissa.collins@vordel.com
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Try adding...
refreshKrb5Config = true
to the props you have below
-----Original Message-----
From: kerberos-bounces@mit.edu [mailto:kerberos-bounces@mit.edu] On
Behalf Of Danny Cho
Sent: 23 August 2008 01:16
To: kerberos@mit.edu
Subject: Java GSSAPI Kerberos question
I am hoping that someone here can help me. I have a problem with Java
GSSAPI that I don't know how to solve. I have written a test Java
server which acts as a Kerberos service that uses GSSAPI to authenticate
users connect to the service. Here is my gss.conf:
com.sun.security.jgss.accept {
com.sun.security.auth.module.Krb5LoginModule
required
isInitiator=false
storeKey=true keyTab="/home/danny/temp/GSSKerberosServer/kserver.keytab"
doNotPrompt=true
useKeyTab=true
principal="kserver/danny.com"
debug=true;
};
Everything works fine. But then I tried making the server runtime reload
the keytab by manually (physically) overwritten the keytab file but
noticed that the new file doesn't get read (it still uses the old key)
when a new GSSCredential is created. Can someone please tell me how to
tell GSSAPI to re-read the keytab? I can post my test server code if
anyone wants to see it. ________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
