• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Junilu Lacar
  • Rob Spoor
  • Liutauras Vilda
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Piet Souris
  • Tim Holloway
  • Jj Roberts
  • Stephan van Hulst
  • Himai Minh
  • Carey Brown
  • Frits Walraven

Tomcat: Valve with SPNEGO-Authentication

Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm developing a Tomcat valve to authenticate users with SPNEGO/Kerberos in a Windows environment, using Java 6 and GSSAPI.

So far, I extended AuthenticatorBase and overwrote the authenticate-method. That allowed me to get the client to use SPNEGO, that is send a Kerberos ticket.

To check the ticket in the request, I first need a GSSContext, and that needs GSSCredentials for the valve:

Oid spnegoOid = null;
spnegoOid = new Oid("");
GSSCredential myCreds = manager.createCredential(null, GSSCredential.DEFAULT_LIFETIME, spnegoOid, GSSCredential.ACCEPT_ONLY);

My problem: the last line fails: "No valid credentials provided"

I think it's because it doesn't access my config file and keytab file.

How can I tell the GSSAPI where the config files are? Or do I have to place them in a special folder?
I know how to tell JAAS where to get, but I have no idea how to do it for that.

In case anyone can come up with useful links for Tomcat & SPNEGO, I would be gladful, too!

The knights of nee want a shrubbery. And a tiny ad:
Thread Boost feature
    Bookmark Topic Watch Topic
  • New Topic