Kerberos configuration parameters

The following table describes the important Kerberos configuration parameters that you may need to set when using Kerberos as the authentication type.

| Configuration parameter | Description/Action |
| --- | --- |
| KerberosServer | Name of the login module. |
| required principal | Unique identity to which Kerberos can assign tickets. Principals can have an arbitrary number of components. Each component is separated by a component separator, generally `/`, for example, "HTTP/ADSRV014.adeptiaserver.com". |
| useKeyTab | Set this to true if you want the module to get the principal's key from the keytab. |
| keyTab | File containing pairs of Kerberos principals and encrypted keys (which are derived from the Kerberos password). Specify the path of this file here, for example, "d:/kerberos/testuser.keytab". |
| storeKey | If the configuration entry for the Kerberos Login Module has the option storeKey set to true, KerberosKey is also added to the subject's private credentials. KerberosKey, the principal's key, is either obtained from the keytab or derived from the user's password. |
| Debug | Enabling this can help identify the root cause of an authentication error. |
| realm | DNS domain in upper case, for example, "ADEPTIASERVER.COM". |
| isInitiator | Set this to true if initiator, or false if acceptor only. |
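
The following pre-deployment check is an added example, not part of the original documentation or the product's own code. It assumes the parameters are written as options of a JAAS-style login entry that uses the JDK's `com.sun.security.auth.module.Krb5LoginModule`, with the realm supplied separately. The function names, the finding texts, the rule that an acceptor-only entry should set storeKey, and the choice to report debug left on are assumptions of this example.

```python
import os
import re
import stat
import tempfile

# One option pair, e.g. keyTab="d:/kerberos/testuser.keytab" or useKeyTab=true
OPTION = re.compile(r'(\w+)\s*=\s*(?:"([^"]*)"|([^\s;]+))')

def parse_options(entry):
    """Map lower-cased option names to values for one JAAS-style entry."""
    return {m.group(1).lower(): m.group(2) if m.group(2) is not None else m.group(3)
            for m in OPTION.finditer(entry)}

def check_kerberos_settings(entry, realm):
    """Return findings for the parameters in the table (empty list = clean)."""
    opts, findings = parse_options(entry), []
    flag = lambda name, default="false": opts.get(name, default).lower() == "true"
    if realm != realm.upper():
        findings.append("realm is not upper case")
    if not opts.get("principal"):
        findings.append("principal is not set")
    if flag("usekeytab"):
        keytab = opts.get("keytab")
        if not keytab:
            findings.append("useKeyTab is true but keyTab is not set")
        elif not os.path.isfile(keytab):
            findings.append("keyTab file not found")
        # The keytab holds the principal's keys: only the service account should read it.
        elif os.name == "posix" and os.stat(keytab).st_mode & (stat.S_IRWXG | stat.S_IRWXO):
            findings.append("keyTab file is accessible to group or other users")
    # Assumption: an acceptor-only entry reads its key from the subject's private credentials.
    if not flag("isinitiator", "true") and not flag("storekey"):
        findings.append("acceptor-only entry without storeKey=true")
    if flag("debug"):  # assumption of this example: debug is for troubleshooting only
        findings.append("debug is enabled")
    return findings

def demo():
    """Constructed sample: a throwaway file with loose permissions stands in for the keytab."""
    with tempfile.NamedTemporaryFile(suffix=".keytab") as kt:
        os.chmod(kt.name, 0o644)
        entry = f'''KerberosServer {{
            com.sun.security.auth.module.Krb5LoginModule required
            principal="HTTP/ADSRV014.adeptiaserver.com" useKeyTab=true
            keyTab="{kt.name}" debug=true isInitiator=false;
        }};'''
        return check_kerberos_settings(entry, "adeptiaserver.com")

if __name__ == "__main__":
    print("\n".join(demo()))
```

The file-permission test runs only on POSIX systems; on Windows, review the keytab's ACL separately.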