[33422] in Kerberos
Re: Instant Messaging client-server solution?
daemon@ATHENA.MIT.EDU (Russ Allbery)
Tue May 24 15:08:30 2011
From: Russ Allbery <rra@stanford.edu>
To: Jaap Winius <jwinius@umrk.nl>
In-Reply-To: <20110524195822.10991fhzxz92c9no@bitis.umrk.nl> (Jaap Winius's
message of "Tue, 24 May 2011 19:58:22 +0200")
Date: Tue, 24 May 2011 11:07:28 -0700
Message-ID: <87y61wotun.fsf@windlord.stanford.edu>
MIME-Version: 1.0
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Jaap Winius <jwinius@umrk.nl> writes:
> However, when it works, it's supposed to pick up a TGT and cache it in a
> credentials file in /tmp, right?
I'm not sure. The server doesn't need to have a TGT, since all it has to
do is verify the incoming authentication from the client, so in theory all
it should need is a JAAS configuration pointing to the keytab.
> At the moment that's not happening for me, even though in the admin
> console under System Properties it says:
> sasl.gssapi.config /etc/openfire/gss.conf (or jaas.conf)
> sasl.gssapi.debug true
> sasl.mechs GSSAPI
> update.lastCheck 1306240531243
> xmpp.auth.anonymous true
> BTW, the Stanford IT Lab blog article on Openfire seems to suggest that
> the additional code from MIT (which produces a single file,
> mitopenfire.jar) is only necessary for the JAAS setup. Is that correct?
No idea, sorry. I could try forwarding this thread over to one of the
people here who actually built the server.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
