[28926] in Kerberos
Re: Caching kerberos ticket using Java
daemon@ATHENA.MIT.EDU (Douglas E. Engert)
Sat Dec 22 12:12:35 2007
Message-ID: <476D454E.3040404@anl.gov>
Date: Sat, 22 Dec 2007 11:11:42 -0600
From: "Douglas E. Engert" <deengert@anl.gov>
MIME-Version: 1.0
To: Ranga Samudrala <Ranga_Samudrala@bmc.com>
In-Reply-To: <D9278922-B4D0-422B-813F-0A64DDFA82C7@bmc.com>
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Ranga Samudrala wrote:
> Hello,
>
> Has anybody found a way to store a kerberos ticket into a cache on
> the file system?
Have you looked at the
http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/module/Krb5LoginModule.html
>
> I tried the following:
>
> String ticketCache = "/tmp/KTGT-RANGA";
> String newCacheFileName = "/tmp/KTGT-RANGA-NEW";
>
> //sun.security.krb5.Credentials c =
> sun.security.krb5.Credentials.acquireDefaultCreds();
> sun.security.krb5.Credentials c =
> sun.security.krb5.Credentials.acquireTGTFromCache(new PrincipalName
> (principal, PrincipalName.KRB_NT_PRINCIPAL), ticketCache);
> CredentialsCache fcache = FileCredentialsCache.create(new
> PrincipalName(principal, PrincipalName.KRB_NT_PRINCIPAL),
> newCacheFileName.toString());
>
> sun.security.krb5.internal.ccache.Credentials ccreds =
> new sun.security.krb5.internal.ccache.Credentials(
> c.getClient(), c.getServer(), c.getSessionKey()
> , new KerberosTime(c.getAuthTime()), new
> KerberosTime(c.getStartTime()), new KerberosTime(c.getEndTime()), new
> KerberosTime(c.getRenewTill())
> , true, c.getTicketFlags(), new HostAddresses
> (c.getClientAddresses()), null
> , c.getTicket(), null);
> fcache.update(ccreds);
> fcache.save();
>
>
> I am facing two issues:
> 1. sun.security.krb5.Credentials.acquireDefaultCreds() throws
> unsatisfied link error, looking for w2k_las_auth.dll file, even
> though I am running this on Linux.
>
> 2. If I bypass invoking acquireDefaultCreds(), somehow manage to
> read the credential cache and try to save the credential into another
> cache file, I see the following NullPointerException :
>
> java.lang.NullPointerException
> at sun.security.krb5.internal.HostAddresses.writeAddrs
> (HostAddresses.java:231)
> at
> sun.security.krb5.internal.ccache.CCacheOutputStream.addCreds
> (CCacheOutputStream.java:83)
> at
> sun.security.krb5.internal.ccache.FileCredentialsCache.save
> (FileCredentialsCache.java:292)
>
> Any help is appreciated.
>
> thanks
> Ranga
>
>
> ________________________________________________
> Kerberos mailing list Kerberos@mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
>
--
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
