directory-kerby mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Zheng, Kai" <kai.zh...@intel.com>
Subject RE: Getting started with the client API
Date Sat, 14 Nov 2015 23:55:06 GMT
Glad we made the progress! The new issue looks like default_realm isn't respected and needs
a fix. And we'll also check and handle other important configuration items used by MIT Kerberos
as well.

Regards,
Kai

-----Original Message-----
From: Marc Boorshtein [mailto:mboorshtein@gmail.com] 
Sent: Saturday, November 14, 2015 11:57 PM
To: kerby@directory.apache.org
Subject: Re: Getting started with the client API

> Thanks Kai!  We're making progress.  Here's the current stack trace:
>
> Exception in thread "main" java.lang.NullPointerException
>
> at org.apache.kerby.kerberos.kerb.client.request.AsRequest.getTicket(
> AsRequest.java:135)
>
> at
> org.apache.kerby.kerberos.kerb.client.impl.DefaultInternalKrbClient.do
> RequestTgtTicket(
> DefaultInternalKrbClient.java:76)
>
> at
> org.apache.kerby.kerberos.kerb.client.impl.AbstractInternalKrbClient.r
> equestTgtTicket(
> AbstractInternalKrbClient.java:105)
>
> at 
> org.apache.kerby.kerberos.kerb.client.KrbClient.requestTgtWithOptions(
> KrbClient.java:252)
>
> at 
> org.apache.kerby.kerberos.kerb.client.KrbClient.requestTgtWithKeytab(
> KrbClient.java:194)
>
> at TestKerb.main(TestKerb.java:12)
>
> Looking at the kerberos messages over the wire it looks like its 
> setting the realm to EXAMPLE.COM even though the krb5.conf file has 
> "default_realm = RHELENT.LAN" which is causing the KDC to fail.  
> Trying to see if I can make that setting in the code instead of the krb5.conf file.
>
> Thanks
>
>
> I got a ticket!  Here's the code that worked:

KrbClient kerb = new KrbClient(new File("/Users/mlb/Documents/testkerb"));

kerb.init();

kerb.setKdcRealm("RHELENT.LAN");
TgtTicket tgt = kerb.requestTgtWithKeytab("HTTP/s4u.rhelent.lan@RHELENT.LAN",
new File("/Users/mlb/Documents/localdev.keytab"));

I'll open a jira ticket for the bug with the config so we can track it.

Thanks again!  now for the fun part.
Mime
View raw message