You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by "Jürgen Weber (Jira)" <ji...@apache.org> on 2024/01/31 10:22:00 UTC

[jira] [Commented] (DIRSERVER-2388) Complete Kerberos Sample

    [ https://issues.apache.org/jira/browse/DIRSERVER-2388?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17812640#comment-17812640 ] 

Jürgen Weber commented on DIRSERVER-2388:
-----------------------------------------

an LDIF to Pre-load Kerberos principals is in
[https://cwiki.apache.org/confluence/display/DIRxINTEROP/Kerberos+Authentication+to+OpenLDAP+using+ApacheDS]

One has to add krb5KeyVersionNumber: 0 to each krb5PrincipalName

A Java sample could be based on the exercises in

[https://docs.oracle.com/en/java/javase/11/security/advanced-security-programming-java-se-authentication-secure-communication-and-single-sign1.html]

> Complete Kerberos Sample
> ------------------------
>
>                 Key: DIRSERVER-2388
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-2388
>             Project: Directory ApacheDS
>          Issue Type: Improvement
>          Components: kerberos
>    Affects Versions: 2.0.0.AM26
>            Reporter: Jürgen Weber
>            Priority: Major
>
> Please provide a complete working example for a client and server in Java authenticating against apacheds kerberos with principal setup in LDIF
>  * LDIF for a service principal
>  * LDIF for a user principal
>  * Java client and server authenticating using com.sun.security.auth.module.Krb5LoginModule



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
For additional commands, e-mail: dev-help@directory.apache.org