{"id":3750,"date":"2016-10-21T14:38:39","date_gmt":"2016-10-21T12:38:39","guid":{"rendered":"https:\/\/adrhc.go.ro\/wordpress\/?p=3750"},"modified":"2017-05-10T22:46:55","modified_gmt":"2017-05-10T20:46:55","slug":"kerberos-spring-security","status":"publish","type":"post","link":"https:\/\/adrhc.go.ro\/blog\/kerberos-spring-security\/","title":{"rendered":"Spring security with kerberos"},"content":{"rendered":"
\r\nWhat is a keytab, and how do I use one?<\/a>\r\nIntroduction to Kerberos for Managers<\/a>\r\nCrash Course to Kerberos<\/a>\r\nAppendix D. Troubleshooting<\/a>\r\nJAAS authentication with Kerberos<\/a>\r\nhttp:\/\/www.roguelynn.com\/words\/explain-like-im-5-kerberos\/<\/a>\r\nKDC = Kerberos Key Distribution Center\r\nTGT = Ticket Granting Ticket\r\nTGS = Ticket Granting Server\r\n\r\nFor the configuration below (just a copy from spring security reference):\r\n<\/pre>\n
\r\n<sec:authentication-manager alias=\"authenticationManager\">\r\n\t<sec:authentication-provider ref=\"kerberosAuthenticationProvider\"\/>\r\n<\/sec:authentication-manager>\r\n\r\n<bean id=\"kerberosAuthenticationProvider\"\r\n\tclass=\"org.springframework.security.kerberos.authentication.KerberosAuthenticationProvider\">\r\n\t<property name=\"kerberosClient\">\r\n\t\t<bean class=\"org.springframework.security.kerberos.authentication.sun.SunJaasKerberosClient\">\r\n\t\t\t<property name=\"debug\" value=\"true\"\/>\r\n\t\t<\/bean>\r\n\t<\/property>\r\n\t<property name=\"userDetailsService\" ref=\"dummyUserDetailsService\"\/>\r\n<\/bean>\r\n\r\n<bean\r\n\tclass=\"org.springframework.security.kerberos.authentication.sun.GlobalSunJaasKerberosConfig\">\r\n\t<property name=\"debug\" value=\"true\" \/>\r\n\t<property name=\"krbConfLocation\" value=\"\/path\/to\/krb5.ini\"\/>\r\n<\/bean>\r\n\r\n<bean id=\"dummyUserDetailsService\"\r\n\tclass=\"org.springframework.security.kerberos.docs.DummyUserDetailsService\" \/>\r\n<\/pre>\n
\r\nThe file \/path\/to\/krb5.ini could be an exact copy of \/etc\/krb5.conf from the KDC machine. You'll have to make sure the host names used in krb5.ini's default_realm are accessible for the application.\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"
What is a keytab, and how do I use one? Introduction to Kerberos for Managers Crash Course to Kerberos Appendix D. Troubleshooting JAAS authentication with Kerberos http:\/\/www.roguelynn.com\/words\/explain-like-im-5-kerberos\/ KDC = Kerberos Key Distribution Center TGT = Ticket Granting Ticket TGS = […]<\/p>\n
Continue reading ➞ Spring security with kerberos<\/span><\/a><\/div>","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[36,10,50],"tags":[91,68],"class_list":["post-3750","post","type-post","status-publish","format-standard","hentry","category-java","category-programming","category-security","tag-kerberos","tag-spring"],"_links":{"self":[{"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/posts\/3750","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/comments?post=3750"}],"version-history":[{"count":0,"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/posts\/3750\/revisions"}],"wp:attachment":[{"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/media?parent=3750"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/categories?post=3750"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/tags?post=3750"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}