directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From erodrig...@apache.org
Subject svn commit: rev 56551 - incubator/directory/kerberos/trunk/etc
Date Thu, 04 Nov 2004 02:16:27 GMT
Author: erodriguez
Date: Wed Nov  3 18:16:26 2004
New Revision: 56551

Added:
   incubator/directory/kerberos/trunk/etc/
   incubator/directory/kerberos/trunk/etc/kerberos.properties
   incubator/directory/kerberos/trunk/etc/kerberoskeys.ser   (contents, props changed)
Log:
etc directory for kerberos configuration.

Added: incubator/directory/kerberos/trunk/etc/kerberos.properties
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/etc/kerberos.properties	Wed Nov  3 18:16:26 2004
@@ -0,0 +1,35 @@
+# these are the minimum required parameters
+kdc.primary.realm        = 25OZ.COM
+kdc.principal            = krbtgt/25OZ.COM@25OZ.COM
+kdc.keys.location        = kerberoskeys.ser
+kdc.encryption.types     = des-cbc-md5 des3-cbc-sha1 des3-cbc-md5 des-cbc-md4 des-cbc-crc
+java.naming.provider.url = ldap://ldap.25oz.com:389/dc=25oz,dc=com
+
+changepw.principal       = kadmin/changepw@25OZ.COM
+
+# all times in minutes
+kdc.allowable.clockskew        = 5
+# 1440 minutes is 1 day
+tgs.maximum.ticket.lifetime    = 1440
+# 10080 minutes is 1 week
+tgs.maximum.renewable.lifetime = 10080
+
+kdc.pa.enc.timestamp.required = true
+tgs.empty.addresses.allowed   = true
+tgs.forwardable.allowed       = true
+tgs.proxiable.allowed         = true
+tgs.postdate.allowed          = true
+tgs.renewable.allowed         = true
+
+# Set up environment for initial context
+java.naming.factory.initial               = com.sun.jndi.ldap.LdapCtxFactory
+# Request the use of SASL-GSSAPI, using already established Kerberos credentials
+# This must be uppercase, as required by the Sun JNDI provider
+java.naming.security.authentication       = GSSAPI
+# Request mutual authentication
+javax.security.sasl.server.authentication = true
+# Request authentication with integrity and privacy protection
+javax.security.sasl.qop                   = auth-conf
+# Request high-strength cryptographic protection
+javax.security.sasl.strength              = high
+

Added: incubator/directory/kerberos/trunk/etc/kerberoskeys.ser
==============================================================================
Binary file. No diff available.

Mime
View raw message