Untitled

a guest
Feb 4th, 2019
Debug is true storeKey false useTicketCache false useKeyTab true doNotPrompt true ticketCache is null isInitiator true KeyTab is /home/user1/dev/spnego.keytab refreshKrb5Config is true principal is HTTP/u1604ecm@MYCOMP.CO.UK tryFirstPass is false useFirstPass is false storePass is false clearPass is false
Refreshing Kerberos configuration
principal is HTTP/u1604ecm@MYCOMP.CO.UK
Will use keytab
Commit Succeeded

[Krb5LoginModule]: Entering logout
[Krb5LoginModule]: logged out Subject

<system-properties>
    <property name="java.security.krb5.kdc" value="mykdc.mycomp.co.uk"/>
    <property name="java.security.krb5.realm" value="MYCOMP.CO.UK"/>
    <property name="java.security.krb5.conf" value="/home/user1/dev/krb5.conf"/>
    <property name="jboss.security.disable.secdomain.option" value="true"/>
    <property name="java.security.krb5.debug" value="true"/>
</system-properties>

<security-domain name="host" cache-type="default">
    <authentication>
        <login-module code="com.sun.security.auth.module.Krb5LoginModule" flag="required">
            <!-- Krb5LoginModule option names are case-sensitive: the module reads "storeKey", so "storekey" is ignored (the debug output above reports storeKey false). -->
            <module-option name="storekey" value="true"/>
            <module-option name="refreshKrb5Config" value="true"/>
            <module-option name="useKeyTab" value="true"/>
            <module-option name="principal" value="HTTP/u1604ecm@MYCOMP.CO.UK"/>
            <module-option name="keyTab" value="/home/user1/dev/spnego.keytab"/>
            <module-option name="doNotPrompt" value="true"/>
            <module-option name="debug" value="true"/>
        </login-module>
    </authentication>
</security-domain>
<security-domain name="app-spnego" cache-type="default">
    <authentication>
        <login-module code="org.jboss.security.negotiation.spnego.SPNEGOLoginModule" flag="requisite">
            <module-option name="password-stacking" value="useFirstPass"/>
            <module-option name="serverSecurityDomain" value="host"/>
        </login-module>
    </authentication>
</security-domain>

[libdefaults]
    default_realm = MYCOMP.CO.UK
    default_tkt_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96
    default_tgs_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96
    permitted_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96

[realms]
    MYCOMP.CO.UK = {
        kdc = mykdc.mycomp.co.uk
    }

[domain_realm]
    MYCOMP.CO.UK = MYCOMP.CO.UK
    .MYCOMP.CO.UK = MYCOMP.CO.UK

<jboss-web xmlns="http://www.jboss.com/xml/ns/javaee"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss-web_10_0.xsd">
    <security-domain>app-spnego</security-domain>
    <jacc-star-role-allow>true</jacc-star-role-allow>
</jboss-web>

<security-constraint>
    <display-name>Security Constraint on Conversation</display-name>
    <web-resource-collection>
        <web-resource-name>ivwb</web-resource-name>
        <url-pattern>*.html</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>All</role-name>
    </auth-constraint>
</security-constraint>
<!-- Define the Login Configuration for this Application -->
<login-config>
    <auth-method>SPNEGO</auth-method>
    <realm-name>SPNEGO</realm-name>
</login-config>
<!-- Security roles referenced by this web application -->
<security-role>
    <description>Role required to log in to the Application</description>
    <role-name>All</role-name>
</security-role>

ktpass -princ HTTP/u1604ecm@MYCOMP.CO.UK -pass mypass -mapuser authcheck@MYCOMP.CO.UK -out c:\spnego.keytab -ptype KRB5_NT_PRINCIPAL -crypto All

C:\Users\administrator.MYCOMP>setspn -l authcheck
Registered ServicePrincipalNames for CN=Authentication User,CN=Users,DC=mycomp,DC=co,DC=uk:
        HTTP/u1604ecm
        HTTP/u1604ecm.mycomp.co.uk
        HTTP/u1604ecm@MYCOMP.CO.UK

C:\Users\administrator.MYCOMP>setspn -l u1604ecm
Registered ServicePrincipalNames for CN=U1604ECM,CN=Computers,DC=mycomp,DC=co,DC=uk: