Using KeyTab
Akash Kumar Jaiswal (Unlicensed)
Avinash Kumar
Refer the following table for details of the configuration file:
Field Name | Description/Action |
KerberosServer | Name of the login module |
required principal | Unique identity to which Kerberos can assign tickets. Principals can have an arbitrary number of components. Each component is separated by a component separator, generally `/', e.g., "HTTP/ADSRV014.adeptiaserver.com". |
useKeyTab | Set this to true if you want the module to get the principal's key from the keytab |
keyTab | File containing pairs of Kerberos principals and encrypted keys (which are derived from the Kerberos password). Mention the path of this file here, e.g., "d:/kerberos/testuser.keytab" |
storeKey | If the configuration entry for Kerberos Login Module has the option storeKey set to true, KerberosKey will also be added to the subject's private credentials. KerberosKey, the principal's key will be either obtained from the keytab or derived from user's password |
Debug | Enabling this can be helpful to know the root cause of an authentication error |
realm | DNS domain in upper case. For example, "ADEPTIASERVER.COM" |
isInitiator | Set this to true, if initiator. Set this to false, if acceptor only. |