Mailing-List: contact users-help@directory.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@directory.apache.org
Received-SPF: pass (herse.apache.org: domain of akarasulu@gmail.com designates
 64.233.182.186 as permitted sender)
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=beta;
        h=received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:references:x-google-sender-auth;
        b=Y0cjuD01/9mEWrPo0647CyoKOWOMJg6Skd7BoX7jgBNZpbM34rG5KwRSnEypjNB0fbzZSRkHc98Zz3QY0nf6x9ZZCBfVZ8/EFsRQKarY/gve+cevvgBBq37CVFyXFqGrqQ8lrtuXV7q5QJaAiqi8y6b4mnQaTqiEsPMn0gmBu5I=
Message-ID: <a32f6b020702260814w55b9f006n3c7df9b0b6329658@mail.gmail.com>
Date: Mon, 26 Feb 2007 11:14:44 -0500
From: "Alex Karasulu" <akarasulu@apache.org>
Sender: akarasulu@gmail.com
To: users@directory.apache.org, "Arnab Hazra" <arnab.hazra@mindteck.com>
Subject: Re: [Triplesec] User Authentication problem in Windows XP
In-Reply-To: <001601c759b3$7e550e70$ae01a8c0@arnab>
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_Part_93637_11601684.1172506484127"
References: <001601c759b3$7e550e70$ae01a8c0@arnab>

------=_Part_93637_11601684.1172506484127
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Arnab,

On 2/26/07, Arnab Hazra <arnab.hazra@mindteck.com> wrote:
>
> Hi,
>
> I am using Triplesec 0.7.1 in an windows XP operating system. JDK 1.4.2and Tomcat
> 4.1.34 is installed in my system. Now I am having some problem in running
> the demo application which I downloaded from the link provided in User's
> Guide/Running Demo Application using Triplesec. It is a web application that
> asks for a username and password to log into the application.
>
> The problems that I am facing are in configuration settings :-
>
> 1> I did not find any krb5.ini or krb5.conf in my system. So, I manually
> created the file and copied it into the directory C:\WINNT.


That's fine.

The file that I  created was obtained by editing a linux version
krb5.conffile which I found in the user guide manual. Many files like
> krb5libs.log, krbkdc.log, kadmind.log, kdc.conf are also missing from my
> system, and I have no idea what it should contain.


No need for the rest of these files.  Just the krb5.ini is sufficient.

So, it would be a great help if you can suggest a proper krb5.ini file for
> an windows XP operating system and along with it the details related to the
> missing files. I am using the following krb5.ini file :
>
> [logging]
> default = C:/log/krb5libs.log
> kdc = C:/log/krb5kdc.log
> admin_server = C:/log/kadmind.log


These are not used.

[libdefaults]
> default_realm = SAFEHAUS.ORG
> dns_lookup_realm = false
> dns_lookup_kdc = false
>
> ticket_lifetime = 24h
> forwardable = yes
>
> default_tgs_enctypes = des-cbc-md5
> default_tkt_enctypes = des-cbc-md5
> preferred_enctypes = des-cbc-md5
> permitted_enctypes = des-cbc-md5
>
> [realms]
> SAFEHAUS.ORG = {
>   kdc = localhost:88
>   admin_server = localhost:749
>   default_domain = karasulu.homeip.net
> }
>
> [domain_realm]
> .karasulu.homeip.net = SAFEHAUS.ORG
> karasulu.homeip.net = SAFEHAUS.ORG


Here you're telling the kerberos client to lookup karasulu.homeip.net as the
kdc.  You might want to switch to localhost if your server and client are
both running on the same machine.

[kdc]
> profile = C:/kerberos/krb5kdc/kdc.conf


Also ignored.

[appdefaults]
> pam = {
>    debug = false
>    forwardable = true
>    krb4_convert = false
> }
>
> 2> Secondly, from where should we retrieve the user login id and HausPass
> password.


You can use a login id that is built into the server with an example user
and generate a hauspass (OTP) from the mobile token generator for that
user.

You can download a demo account hauskeys application onto you cell from
visiting wap.safehaus.org using your mobile phone.

HTH,
Alex

------=_Part_93637_11601684.1172506484127--