You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@directory.apache.org by Arnab Hazra <ar...@mindteck.com> on 2007/02/26 15:36:16 UTC

[Triplesec] User Authentication problem in Windows XP

Hi,

I am using Triplesec 0.7.1 in an windows XP operating system. JDK 1.4.2 and Tomcat 4.1.34 is installed in my system. Now I am having some problem in running the demo application which I downloaded from the link provided in User's Guide/Running Demo Application using Triplesec. It is a web application that asks for a username and password to log into the application. 

The problems that I am facing are in configuration settings :- 

1> I did not find any krb5.ini or krb5.conf in my system. So, I manually created the file and copied it into the directory C:\WINNT. The file that I  created was obtained by editing a linux version krb5.conf file which I found in the user guide manual. Many files like krb5libs.log, krbkdc.log, kadmind.log, kdc.conf are also missing from my system, and I have no idea what it should contain. So, it would be a great help if you can suggest a proper krb5.ini file for an windows XP operating system and along with it the details related to the missing files. I am using the following krb5.ini file :

[logging]
 default = C:/log/krb5libs.log
 kdc = C:/log/krb5kdc.log
 admin_server = C:/log/kadmind.log

[libdefaults]
 default_realm = SAFEHAUS.ORG
 dns_lookup_realm = false
 dns_lookup_kdc = false

 ticket_lifetime = 24h
 forwardable = yes 

 default_tgs_enctypes = des-cbc-md5
 default_tkt_enctypes = des-cbc-md5
 preferred_enctypes = des-cbc-md5
 permitted_enctypes = des-cbc-md5 

[realms]
 SAFEHAUS.ORG = {
  kdc = localhost:88
  admin_server = localhost:749
  default_domain = karasulu.homeip.net
 }

[domain_realm]
 .karasulu.homeip.net = SAFEHAUS.ORG
 karasulu.homeip.net = SAFEHAUS.ORG

[kdc]
 profile = C:/kerberos/krb5kdc/kdc.conf

[appdefaults]
 pam = {
   debug = false
   forwardable = true
   krb4_convert = false
 }

2> Secondly, from where should we retrieve the user login id and HausPass password. 

Eagerly waiting to get response from you.

Thank You
Arnab Hazra
#####################################################################################
Note:
This message is for the named person's use only.  It may contain confidential, proprietary or legally privileged information.  No confidentiality or privilege is waived or lost by any mistransmission.  If you receive this message in error, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender.  You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. MINDTECK and any of its subsidiaries each reserve the right to monitor all e-mail communications through its networks.
Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorized to state them to be the views of any such entity.
 
Thank You. 

#####################################################################################

Re: [Triplesec] User Authentication problem in Windows XP

Posted by Alex Karasulu <ak...@apache.org>.
On 2/26/07, Keesjan van Bunningen <ke...@finalist.com> wrote:
>
> Hi Arnab Hazra,
>
> Apparently, you need to install Kerberos 5 on your Windows XP machine
> before you can successfully run this demo.


This is not at all necessary.  The Java Krb5LoginModule that comes with the
JDK just needs the krb5.ini file to get it's configuration.

Triplesec itself does not need any other Kerberos configuration files.  It's
a the KDC.

Alex

Have a look at this website for more details: http://web.mit.edu/Kerberos/
>
> Hope this helps.
>
> Regards,
>
> Keesjan van Bunningen
> Senior Software Developer
>
> Finalist IT Group - never stop developing!
> Mobiel: +31 6 24 693 631
> Telefoon: +31 88 217 08 26
> Fax: +31 88 217 08 91
> http://www.finalist.com <
> https://webmail.finalist.com/exchweb/bin/redir.asp?URL=http://www.finalist.com
> >
>
> ________________________________
>
> Van: Arnab Hazra [mailto:arnab.hazra@mindteck.com]
> Verzonden: ma 26-2-2007 15:36
> Aan: users@directory.apache.org
> Onderwerp: [Triplesec] User Authentication problem in Windows XP
>
>
>
> Hi,
>
> I am using Triplesec 0.7.1 in an windows XP operating system. JDK 1.4.2and Tomcat
> 4.1.34 is installed in my system. Now I am having some problem in running
> the demo application which I downloaded from the link provided in User's
> Guide/Running Demo Application using Triplesec. It is a web application that
> asks for a username and password to log into the application.
>
> The problems that I am facing are in configuration settings :-
>
> 1> I did not find any krb5.ini or krb5.conf in my system. So, I manually
> created the file and copied it into the directory C:\WINNT. The file that
> I  created was obtained by editing a linux version krb5.conf file which I
> found in the user guide manual. Many files like krb5libs.log, krbkdc.log,
> kadmind.log, kdc.conf are also missing from my system, and I have no idea
> what it should contain. So, it would be a great help if you can suggest a
> proper krb5.ini file for an windows XP operating system and along with it
> the details related to the missing files. I am using the following
> krb5.ini file :
>
> [logging]
> default = C:/log/krb5libs.log
> kdc = C:/log/krb5kdc.log
> admin_server = C:/log/kadmind.log
>
> [libdefaults]
> default_realm = SAFEHAUS.ORG
> dns_lookup_realm = false
> dns_lookup_kdc = false
>
> ticket_lifetime = 24h
> forwardable = yes
>
> default_tgs_enctypes = des-cbc-md5
> default_tkt_enctypes = des-cbc-md5
> preferred_enctypes = des-cbc-md5
> permitted_enctypes = des-cbc-md5
>
> [realms]
> SAFEHAUS.ORG = {
>   kdc = localhost:88
>   admin_server = localhost:749
>   default_domain = karasulu.homeip.net
> }
>
> [domain_realm]
> .karasulu.homeip.net = SAFEHAUS.ORG
> karasulu.homeip.net = SAFEHAUS.ORG
>
> [kdc]
> profile = C:/kerberos/krb5kdc/kdc.conf
>
> [appdefaults]
> pam = {
>    debug = false
>    forwardable = true
>    krb4_convert = false
> }
>
> 2> Secondly, from where should we retrieve the user login id and HausPass
> password.
>
> Eagerly waiting to get response from you.
>
> Thank You
> Arnab Hazra
>
> #####################################################################################
> Note:
> This message is for the named person's use only.  It may contain
> confidential, proprietary or legally privileged information.  No
> confidentiality or privilege is waived or lost by any mistransmission.  If
> you receive this message in error, please immediately delete it and all
> copies of it from your system, destroy any hard copies of it and notify the
> sender.  You must not, directly or indirectly, use, disclose, distribute,
> print, or copy any part of this message if you are not the intended
> recipient. MINDTECK and any of its subsidiaries each reserve the right to
> monitor all e-mail communications through its networks.
> Any views expressed in this message are those of the individual sender,
> except where the message states otherwise and the sender is authorized to
> state them to be the views of any such entity.
>
> Thank You.
>
>
> #####################################################################################
>
>
>

RE: [Triplesec] User Authentication problem in Windows XP

Posted by Keesjan van Bunningen <ke...@finalist.com>.
Hi Arnab Hazra,
 
Apparently, you need to install Kerberos 5 on your Windows XP machine before you can successfully run this demo.
 
Have a look at this website for more details: http://web.mit.edu/Kerberos/
 
Hope this helps.
 
Regards,
 
Keesjan van Bunningen
Senior Software Developer

Finalist IT Group - never stop developing!
Mobiel: +31 6 24 693 631
Telefoon: +31 88 217 08 26
Fax: +31 88 217 08 91
http://www.finalist.com <https://webmail.finalist.com/exchweb/bin/redir.asp?URL=http://www.finalist.com> 

________________________________

Van: Arnab Hazra [mailto:arnab.hazra@mindteck.com]
Verzonden: ma 26-2-2007 15:36
Aan: users@directory.apache.org
Onderwerp: [Triplesec] User Authentication problem in Windows XP



Hi,

I am using Triplesec 0.7.1 in an windows XP operating system. JDK 1.4.2 and Tomcat 4.1.34 is installed in my system. Now I am having some problem in running the demo application which I downloaded from the link provided in User's Guide/Running Demo Application using Triplesec. It is a web application that asks for a username and password to log into the application.

The problems that I am facing are in configuration settings :-

1> I did not find any krb5.ini or krb5.conf in my system. So, I manually created the file and copied it into the directory C:\WINNT. The file that I  created was obtained by editing a linux version krb5.conf file which I found in the user guide manual. Many files like krb5libs.log, krbkdc.log, kadmind.log, kdc.conf are also missing from my system, and I have no idea what it should contain. So, it would be a great help if you can suggest a proper krb5.ini file for an windows XP operating system and along with it the details related to the missing files. I am using the following krb5.ini file :

[logging]
 default = C:/log/krb5libs.log
 kdc = C:/log/krb5kdc.log
 admin_server = C:/log/kadmind.log

[libdefaults]
 default_realm = SAFEHAUS.ORG
 dns_lookup_realm = false
 dns_lookup_kdc = false

 ticket_lifetime = 24h
 forwardable = yes

 default_tgs_enctypes = des-cbc-md5
 default_tkt_enctypes = des-cbc-md5
 preferred_enctypes = des-cbc-md5
 permitted_enctypes = des-cbc-md5

[realms]
 SAFEHAUS.ORG = {
  kdc = localhost:88
  admin_server = localhost:749
  default_domain = karasulu.homeip.net
 }

[domain_realm]
 .karasulu.homeip.net = SAFEHAUS.ORG
 karasulu.homeip.net = SAFEHAUS.ORG

[kdc]
 profile = C:/kerberos/krb5kdc/kdc.conf

[appdefaults]
 pam = {
   debug = false
   forwardable = true
   krb4_convert = false
 }

2> Secondly, from where should we retrieve the user login id and HausPass password.

Eagerly waiting to get response from you.

Thank You
Arnab Hazra
#####################################################################################
Note:
This message is for the named person's use only.  It may contain confidential, proprietary or legally privileged information.  No confidentiality or privilege is waived or lost by any mistransmission.  If you receive this message in error, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender.  You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. MINDTECK and any of its subsidiaries each reserve the right to monitor all e-mail communications through its networks.
Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorized to state them to be the views of any such entity.

Thank You.

#####################################################################################

Re: [Triplesec] User Authentication problem in Windows XP

Posted by Alex Karasulu <ak...@apache.org>.
Arnab,

On 2/26/07, Arnab Hazra <ar...@mindteck.com> wrote:
>
> Hi,
>
> I am using Triplesec 0.7.1 in an windows XP operating system. JDK 1.4.2and Tomcat
> 4.1.34 is installed in my system. Now I am having some problem in running
> the demo application which I downloaded from the link provided in User's
> Guide/Running Demo Application using Triplesec. It is a web application that
> asks for a username and password to log into the application.
>
> The problems that I am facing are in configuration settings :-
>
> 1> I did not find any krb5.ini or krb5.conf in my system. So, I manually
> created the file and copied it into the directory C:\WINNT.


That's fine.

The file that I  created was obtained by editing a linux version
krb5.conffile which I found in the user guide manual. Many files like
> krb5libs.log, krbkdc.log, kadmind.log, kdc.conf are also missing from my
> system, and I have no idea what it should contain.


No need for the rest of these files.  Just the krb5.ini is sufficient.

So, it would be a great help if you can suggest a proper krb5.ini file for
> an windows XP operating system and along with it the details related to the
> missing files. I am using the following krb5.ini file :
>
> [logging]
> default = C:/log/krb5libs.log
> kdc = C:/log/krb5kdc.log
> admin_server = C:/log/kadmind.log


These are not used.

[libdefaults]
> default_realm = SAFEHAUS.ORG
> dns_lookup_realm = false
> dns_lookup_kdc = false
>
> ticket_lifetime = 24h
> forwardable = yes
>
> default_tgs_enctypes = des-cbc-md5
> default_tkt_enctypes = des-cbc-md5
> preferred_enctypes = des-cbc-md5
> permitted_enctypes = des-cbc-md5
>
> [realms]
> SAFEHAUS.ORG = {
>   kdc = localhost:88
>   admin_server = localhost:749
>   default_domain = karasulu.homeip.net
> }
>
> [domain_realm]
> .karasulu.homeip.net = SAFEHAUS.ORG
> karasulu.homeip.net = SAFEHAUS.ORG


Here you're telling the kerberos client to lookup karasulu.homeip.net as the
kdc.  You might want to switch to localhost if your server and client are
both running on the same machine.

[kdc]
> profile = C:/kerberos/krb5kdc/kdc.conf


Also ignored.

[appdefaults]
> pam = {
>    debug = false
>    forwardable = true
>    krb4_convert = false
> }
>
> 2> Secondly, from where should we retrieve the user login id and HausPass
> password.


You can use a login id that is built into the server with an example user
and generate a hauspass (OTP) from the mobile token generator for that
user.

You can download a demo account hauskeys application onto you cell from
visiting wap.safehaus.org using your mobile phone.

HTH,
Alex