Cross domain/realm authentication

Question

Cross domain/realm authentication

1.8k views Asked by BigMac At 04 February 2011 at 12:42

Here is my problem: I can't find any document on cross domain authentication with java+kerberos. I have to authenticate against distant LDAP on other realm. How can we do that in java?

Thank you

EDIT:

Here is my krb5.conf:

[libdefaults]

default_realm = REALM1

dns_lookup_realm = false

dns_lookup_kdc = false

forwardable = true

[realms]

REALM1 = {

kdc = kerberos.my.url.domain1:88

admin_server = kerberos.my.url.domain1:749

default_domain = .

}

REALM2 = {

kdc = kerberos.my.url.domain2:88

admin_server = kerberos.my.url.domain2:749

}

[domain_realm]

.my.url.domain1 = REALM1

.my.url.domain2 = REALM2

Cross-realm works in command line when I execute on domain1

ldapsearch -H "ldap:/my.url.domain2"

so I suppose my krb5.conf is good

Original Q&A

There are 1 answers

**Opher** · Answer 1 · 2011-02-04 13:01:49

Authenticating against an LDAP is not the same as authenticating with Kerberos.
Could you give some more backgroung on what it is you need to accomplish. For example:

are you writing client code that needs to respond to a Kerberos authentication chalenge?
does your code need to validate a user + password against an LDAP?

TechQA.

Cross domain/realm authentication

There are 1 answers

Related Questions in JAVA

Related Questions in LDAP

Related Questions in KERBEROS

Related Questions in JAAS

Related Questions in GSSAPI

Popular Questions

Popular Tags

Trending Questions