Skip site navigation (1)
Skip section navigation (2)
Peripheral Links
Header And Logo
|
Site Navigation
Re: GSSAPI/KRB5 and JDBC (again)
- From: Kris Jurka <books(at)ejurka(dot)com>
- To: Peter Koczan <pjkoczan(at)gmail(dot)com>
- Cc: pgsql-jdbc(at)postgresql(dot)org, sfrost(at)snowman(dot)net
- Subject: Re: GSSAPI/KRB5 and JDBC (again)
- Date: Tue, 29 Jul 2008 00:35:27 -0400 (EDT)
- Message-id: <Pine.BSO.4.64.0807290027090.2814@leary.csoft.net> <text/plain>
On Fri, 25 Jul 2008, Peter Koczan wrote:
I tried kinit, and it didn't work, but putting my real Kerberos password in the password field worked. It looks like it's trying to get a new set of credentials/tickets when authenticating, instead of using stashed or readily available credentials.
It tries to use the provided password only if it doesn't find an existing set of credentials. It definitely works for me without a password after kinit(ing). Perhaps your ticket cache or keytab is in a non-standard place? This is the first and only time I've setup a kerberos server, so I may have done something unusual on my end too, but I basically just did a stock Debian install. Perhaps you need some additional options from here in your login.conf to let it know things particular to your setup?
http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/module/Krb5LoginModule.html Kris Jurka
- Follow-Ups:
- Re: GSSAPI/KRB5 and JDBC (again)
- From: Peter Koczan
- Re: GSSAPI/KRB5 and JDBC (again)
- References:
- GSSAPI/KRB5 and JDBC (again)
- From: Peter Koczan
- Re: GSSAPI/KRB5 and JDBC (again)
- From: Stephen Frost
- Re: GSSAPI/KRB5 and JDBC (again)
- From: Peter Koczan
- GSSAPI/KRB5 and JDBC (again)
- Prev by Date: Re: Timestamp Problems
- Next by Date: Re: numeric type
- Previous by thread: Re: GSSAPI/KRB5 and JDBC (again)
- Next by thread: Re: GSSAPI/KRB5 and JDBC (again)
- Indexes: