Any tips on how to accomplish the following would be appreciated:
Application A needs to call a
SOAP web service (Application B) for a given user. Application A has authenticated the user using our own internal web security processes and knows the ID of the user. Application B requires a user ID and a Kerberos ticket to be passed to it. Can Application A retrieve a ticket from the KDC on behalf of the user to pass along to Application B?
I've been reading a lot about Constrained Delegation, S4U proxies, etc. but am not getting anywhere. This is running in
Java 1.6. I'm thinking I need to use JAAS and GSS-API. Has anyone done something like this that could provide insight? I'm not even sure if the setup in Active Directory is correct.
Thank you in advance.
