Reputation: 1445
How to get Kerberos TGS and use it in a GUI application in Java?
i'm trying to make an application with the Keberos protocol and the GSS-API in Java, and i've already made the authentication and the context establishement before calling the doAsPrivileged method. In this method I get the mutual authentication sending a simple token from the client to the server, but after that i want to make some other things.
I want to open a new window with a table of products to let the client select them and buy something and that was connected to a database in the server.
my question is about how can a i use this context in other frames that are diferent from the original doAsPrivileged action class.
i get an error GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt) and i don't know how can i find this TGT to send it more than one time to the server.
thank you.
Upvotes: 4
Views: 1126
Answers (1)
Reputation: 18415
I ran into a similar issue as well.
Your code fails because Java tries to use GSSAPI with the default login config name. Which is com.sun.security.jgss.initiate. To perform a GSS call for someone else or with another login conf name you have to use the LoginContext, obtain the subject and then do a doAs. As far as I can see, every action involving ticket exchange has to be done in a PrivilegedAction if you don't stick to the defaults. That's why our stuff's failing :-(
Upvotes: 1
Related Questions
- Java-written embedded Kerberos server for testing
- Java Kerberos Authentication
- Kerberos for Thrift?
- Configure kerberos without krb5.conf
- Simple Kerberos client in Java?
- How to generate the Kerberos Security Token?
- Java app secured by KERBEROS
- Java gather user info from Kerberos ticket
- Cannot get TGT from AD
- Using TGT acquired in Java for SSH/Other applications