| From: | Bryan Montgomery <monty(at)english(dot)net> |
|---|---|
| To: | pgsql-jdbc(at)postgresql(dot)org |
| Subject: | Re: Trying to accomplish SSO from Windows |
| Date: | 2010-07-09 20:28:04 |
| Message-ID: | AANLkTim4yspwbRuwE0z2Q3vi_PbDcIkb2u-tNvG7GDIp@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-jdbc |
Thanks Kris,
That got me a step further - I have a new direction to look at next week. I
added the system properties and ended up with:
Caused by: GSSException: No valid credentials provided (Mechanism level:
Failed to find any Kerberos tgt)
at
sun.security.jgss.krb5.Krb5InitCredential.getInstance(Krb5InitCredential.java:130)
at
sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Krb5MechFactory.java:106)
However, earlier in the output, it has:
16:17:55.852 (1) <=BE AuthenticationReqGSS
Debug is true storeKey false useTicketCache true useKeyTab false
doNotPrompt false ticketCache is null isInitiator true KeyTab is null
refreshKrb5Config is false principal is null tryFirstPass is false
useFirstPass is false storePass is false clearPass is false
Acquire TGT from Cache
Principal is MontgomeryB(at)LAB2K(dot)NET
Commit Succeeded
So it looks like it's getting credentials here .....
I did set the windows registry setting below that I found mentioned
elsewhere.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\
Value Name: allowtgtsessionkey
Value Type: REG_DWORD
Value: 0x01
Any other tips for Monday will be appreciated :)
Thanks - Bryan.
On Fri, Jul 9, 2010 at 3:19 PM, Kris Jurka <books(at)ejurka(dot)com> wrote:
>
>
> On Thu, 8 Jul 2010, Bryan Montgomery wrote:
>
> Hello,
>> I've been looking for some examples on how to connect to a linux
>> postgresql
>> database from a java client running on Windows. The Jaas seems to be
>> getting
>> the credentials from my windows logon, but then the jdbc driver is blowing
>> up with some sun classes looking for a non-existent file.
>>
>> Caused by: GSSException: Invalid name provided (Mechanism level: Could not
>> load configuration file C:\WINDOWS\krb5.ini (The system cannot find the
>> file
>> specified))
>>
>>
> It appears you need to create that file or manually specify the realm and
> KDC as system properties.
>
>
> http://download.oracle.com/docs/cd/E17476_01/javase/1.5.0/docs/guide/security/jgss/tutorials/KerberosReq.html
>
> Kris Jurka
>
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Kris Jurka | 2010-07-09 23:30:32 | Re: Trying to accomplish SSO from Windows |
| Previous Message | Kris Jurka | 2010-07-09 19:19:44 | Re: Trying to accomplish SSO from Windows |