Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Debug is true storeKey false useTicketCache false useKeyTab true doNotPrompt true ticketCache is null isInitiator true KeyTab is /home/user1/dev/spnego.keytab refreshKrb5Config is true principal is HTTP/u1604ecm@MYCOMP.CO.UK tryFirstPass is false useFirstPass is false storePass is false clearPass is false
- Refreshing Kerberos configuration
- principal is HTTP/u1604ecm@MYCOMP.CO.UK
- Will use keytab
- Commit Succeeded
- [Krb5LoginModule]: Entering logout
- [Krb5LoginModule]: logged out Subject
- <system-properties>
- <property name="java.security.krb5.kdc" value="mykdc.mycomp.co.uk"/>
- <property name="java.security.krb5.realm" value="MYCOMP.CO.UK"/>
- <property name="java.security.krb5.conf" value="/home/user1/dev/krb5.conf"/>
- <property name="jboss.security.disable.secdomain.option" value="true"/>
- <property name="java.security.krb5.debug" value="true"/>
- </system-properties>
- <security-domain name="host" cache-type="default">
- <authentication>
- <login-module code="com.sun.security.auth.module.Krb5LoginModule" flag="required">
- <module-option name="storekey" value="true"/>
- <module-option name="refreshKrb5Config" value="true"/>
- <module-option name="useKeyTab" value="true"/>
- <module-option name="principal" value="HTTP/u1604ecm@MYCOMP.CO.UK"/>
- <module-option name="keyTab" value="/home/user1/dev/spnego.keytab"/>
- <module-option name="doNotPrompt" value="true"/>
- <module-option name="debug" value="true"/>
- </login-module>
- </authentication>
- </security-domain>
- <security-domain name="app-spnego" cache-type="default">
- <authentication>
- <login-module code="org.jboss.security.negotiation.spnego.SPNEGOLoginModule" flag="requisite">
- <module-option name="password-stacking" value="useFirstPass"/>
- <module-option name="serverSecurityDomain" value="host"/>
- </login-module>
- </authentication>
- </security-domain>
- [libdefaults]
- default_realm = MYCOMP.CO.UK
- default_tkt_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96
- default_tgs_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96
- permitted_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96
- [realms]
- MYCOMP.CO.UK = {
- kdc = mykdc.mycomp.co.uk
- }
- [domain_realm]
- MYCOMP.CO.UK = MYCOMP.CO.UK
- .MYCOMP.CO.UK = MYCOMP.CO.UK
- <jboss-web xmlns="http://www.jboss.com/xml/ns/javaee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss-web_10_0.xsd">
- <security-domain>app-spnego</security-domain>
- <jacc-star-role-allow>true</jacc-star-role-allow>
- </jboss-web>
- <security-constraint>
- <display-name>Security Constraint on Conversation</display-name>
- <web-resource-collection>
- <web-resource-name>ivwb</web-resource-name>
- <url-pattern>*.html</url-pattern>
- </web-resource-collection>
- <auth-constraint>
- <role-name>All</role-name>
- </auth-constraint>
- </security-constraint>
- <!-- Define the Login Configuration for this Application -->
- <login-config>
- <auth-method>SPNEGO</auth-method>
- <realm-name>SPNEGO</realm-name>
- </login-config>
- <!-- Security roles referenced by this web application -->
- <security-role>
- <description>Role required to log in to the Application</description>
- <role-name>All</role-name>
- </security-role>
- ktpass -princ HTTP/u1604ecm@MYCOMP.CO.UK -pass mypass -mapuser authcheck@MYCOMP.CO.UK -out c:spnego.keytab -ptype KRB5_NT_PRINCIPAL -crypto All
- C:Usersadministrator.MYCOMP>setspn -l authcheck
- Registered ServicePrincipalNames for CN=Authentication User,CN=Users,DC=mycomp,DC=co,DC=uk:
- HTTP/u1604ecm
- HTTP/u1604ecm.mycomp.co.uk
- HTTP/u1604ecm@MYCOMP.CO.UK
- C:Usersadministrator.MYCOMP>setspn -l u1604ecm
- Registered ServicePrincipalNames for CN=U1604ECM,CN=Computers,DC=mycomp,DC=co,DC=uk:
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement