Reputation: 145
Using multiple keytabs in Kerberos JGSS without using JAAS .conf file
I want to use multiple keytabs in multiple server threads. I don't want to use JAAS conf file so i implemented my own login configuration in LoginConfiguration class. The getGSSCredentials() function in KerberosLogin class is used to get the Credentials by giving keytab location as parameter.
KerberosLogin -> http://ideone.com/vaip3H LoginConfiguration -> http://ideone.com/jDqlN0
When i ran only two server threads, first one was able to get the credentials from its keytab ( both the server threads use different service principal ) while second one failed. Somehow using parms.put("refreshKrb5Config","true"); in LoginConfiguration solved the problem.
I am not able to understand why it's not working without refreshing the configuration and for cases in which there will be several such server threads will it be safe to use. Is there any better way to use multiple keytabs ?
Upvotes: 0
Views: 741
Answers (1)
Reputation: 145
It was due to the way java6 handles login config, it has been fixed in java7.
Upvotes: -1
Related Questions
- Is it possible to reference a keytab from the classpath in jaas.conf?
- Is there a way to connect to kerberized service using java client API with just credentials and not keytabs
- Using Java programmatically log in multiple kerberos realms with different keytabs
- Relative path for JAAS keytab configuration
- How to pass keytab file to application which is being deployed on pcf
- Ktab command list out the principals in the keytab file more than 1 time
- Can I generate my own keytab programmatically in Java?
- GSS JAAS can't read keystore/tab
- Kerberos user principals in Keytab and KDC with JAAS
- IBM Jdk Issue Kerberos: Cannot authenticate keytab with credsType=both in JAAS