What would be the key things I would need to get from the Tgt?
On Thu, Apr 24, 2014 at 9:33 AM, Kiran Ayyagari <firstname.lastname@example.org> wrote:
On Thu, Apr 24, 2014 at 6:57 PM, Josh Clum <email@example.com> wrote:
I was wondering if there was a way to generate my own keytab in java without going to the kdc? I found code similar to this in an ApachDS test:Keytab keytab = Keytab.getInstance();KerberosTime timeStamp = new KerberosTime(KerberosUtils.UTC_DATE_FORMAT.parse("20070217235745Z"));Map<EncryptionType, EncryptionKey> keys = KerberosKeyFactory.getKerberosKeys(principalName, userPassword);KeytabEntry keytabEntry = new KeytabEntry(principalName,1L,timeStamp,(byte) 0,keys.get(EncryptionType.DES_CBC_MD5));List<KeytabEntry> entry = Arrays.asList(keytabEntry);keytab.setEntries(entry);keytab.write(keytabFile);return keytabFile;I'm able to a klist on a keytab that i create:Vno Type Principal Date Aliases0 des-cbc-md5 ssh/localhost@EXAMPLE.COM 2007-02-17Also, if this is not possible, is there a way to programmatically get a keytab using ApacheDS or any other java library?one way to do this is to use KdcConnection to obtain a TgTicket and create KeyTab from the details of TgTicket