File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
A friendly place for programming greenhorns!
Big Moose Saloon
Register / Login
Win a copy of
Android Security Essentials Live Lessons
this week in the
Kerberos credential delegation
Joined: Jan 10, 2012
Jun 17, 2013 10:37:52
I am currently trying to enable a spnego based SSO Application. As part of this I seek to get the delegated credentials.
How to verify that the credential I get after "GSSContext.acceptSecContext(gss, 0, gss.length);" is a delegated credential or not. "GSSContext.getCredDelegState()" is true.
My primary doubt is whether the server principal in the ticket should be "krbtgt/ABC.XYZ.COM@ABC.XYZ.COM" or should be the service "(HTTP/host.ABC.XYZ.com)" for which the ticket was delegated?``
Please see image attached.
I am using a linux based Kerberos server and linux hosts for this.
Is there any reference to what the delegated ticket should be like?
I agree. Here's the link:
subject: Kerberos credential delegation
apache-tomcat-6.0.16 - mod_auth_kerb
Need help with transparent single sign-on servlet filter
kerberos, java , AS400, winwdows 2000 newbie
Java client imitating IE6 behavior: obtaining a Kerberos ticket, and sending it through SPNEGO
Java APIs for kerberos impersonation/constrained delegation
All times are in JavaRanch time: GMT-6 in summer, GMT-7 in winter
| Powered by
Copyright © 1998-2014