When using Sasl.createSaslClient with kerberos, is it possible to modify kerberose configuration options?

Question

When using Sasl.createSaslClient with kerberos, is it possible to modify kerberose configuration options?

266 views Asked by Prafulla At 24 April 2015 at 06:17

I would like to use non-default location for ticket cache. Is it possible to set this value? I checked Krb5LoginModule and it allows for such configuration, but I could not find anything related to Sasl clients.

Any help with this regard will be highly appreciated.

Original Q&A

There are 2 answers

**Michael-O** · Answer 1 · 2015-04-25T08:10:32+00:00

You cannot do that with the SASL client because SASL is delegating the work to JGSS. What you can you is to obtain a login context with your custom location and perform a Subject.doAs with the subject from the login context with the SASL client. This will give you what you want. (Sample code available)

**Prafulla** · Answer 2 · 2015-04-26T04:21:20+00:00

Prafulla On 26 April 2015 at 04:21

I found out that if you set KRB5CCNAME environment variable, Kerberos component which SASL client delegates work to, read ticket cache file name/path from this env variable. It resolved my problem.

TechQA.

When using Sasl.createSaslClient with kerberos, is it possible to modify kerberose configuration options?

There are 2 answers

Related Questions in JAVA

Related Questions in SECURITY

Related Questions in KERBEROS

Related Questions in GSSAPI

Related Questions in JGSS

Popular Questions

Trending Questions