aspose file tools*
The moose likes Other JSE/JEE APIs and the fly likes Tomcat: Valve with SPNEGO-Authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Other JSE/JEE APIs
Bookmark "Tomcat: Valve with SPNEGO-Authentication" Watch "Tomcat: Valve with SPNEGO-Authentication" New topic
Author

Tomcat: Valve with SPNEGO-Authentication

Tobias Kalke
Greenhorn

Joined: Oct 15, 2008
Posts: 1
Hi,
I'm developing a Tomcat valve to authenticate users with SPNEGO/Kerberos in a Windows environment, using Java 6 and GSSAPI.

So far, I extended AuthenticatorBase and overwrote the authenticate-method. That allowed me to get the client to use SPNEGO, that is send a Kerberos ticket.

To check the ticket in the request, I first need a GSSContext, and that needs GSSCredentials for the valve:

Oid spnegoOid = null;
spnegoOid = new Oid("1.3.6.1.5.5.2");
GSSCredential myCreds = manager.createCredential(null, GSSCredential.DEFAULT_LIFETIME, spnegoOid, GSSCredential.ACCEPT_ONLY);

My problem: the last line fails: "No valid credentials provided"

I think it's because it doesn't access my config file and keytab file.

How can I tell the GSSAPI where the config files are? Or do I have to place them in a special folder?
I know how to tell JAAS where to get, but I have no idea how to do it for that.

In case anyone can come up with useful links for Tomcat & SPNEGO, I would be gladful, too!

Cheers,
Tobias
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Tomcat: Valve with SPNEGO-Authentication
 
Similar Threads
single signon with java GSS-API kerberos/SPNEGO
Disable SPNEGO login on JBOSS
Need help with transparent single sign-on servlet filter
SSO using SPNEGO in JBOSS 4.2.2
SSO using SPNego on Kerberos in JBoss 4.2.2