Differences

This shows you the differences between two versions of the page.

--- 72:configure_jaas_jgss [2018/07/06 18:48] – bkkr
+++ 72:configure_jaas_jgss [2024/02/15 00:00] (current) – external edit 127.0.0.1
@@ Line 5: / Line 5: @@
 === Java Authentication and Authorization Service (JAAS) ===
-JAAS is a standard Java API, which has to be configured with your network settings. Please edit the provided example file <font inherit/Courier New,Courier,monospace;;inherit;;inherit>''/tomcat/webapps/pkit/WEB-INF/conf/jaas.conf''</font> and replace the example values according to your network configuration:
+JAAS is a standard Java API, which has to be configured with your network settings. Please edit the provided example file ''conf/jaas.conf'' and replace the example values according to your network configuration:
 <code>
@@ Line 11: / Line 11: @@
   com.sun.security.auth.module.Krb5LoginModule required
     useKeyTab=true
-    keyTab=""
+    keyTab="//**PATH_TO_KEYTAB_FILE**// "
     storeKey=true
     realm="<KERBEROS-REALM>"
     debug="false"
-    principal="HTTP/<fqnd>@<KERBEROS-REALM>
+    principal="HTTP/<fqnd>@<KERBEROS-REALM>";
-}
+};
 </code>
@@ Line 24: / Line 25: @@
 |<fqdn>|The full quantified DNS domain name of the Stages Server.|
-Example:
+Example:<code>
-<code>
 de.methodpark.pkit.auth.SpnegoAuthenticator {
  com.sun.security.auth.module.Krb5LoginModule required
@@ Line 34: / Line 34: @@
  realm="PKITBUILD.ER.METHODPARK.DE"
  debug="false"
- principal="HTTP/pkit.methodpark.de@PKITBUILD.ER.METHODPARK.DE"
+ principal="HTTP/pkit.methodpark.de@PKITBUILD.ER.METHODPARK.DE";
-}
+};
 </code>
 === Java Generic Security Services (JGSS) ===
-JGSS is another Java Standard API, which has to be configured with your network information. Please edit the provided example file <font inherit/Courier New,Courier,monospace;;inherit;;inherit>''/tomcat/webapps/pkit/WEB-INF/conf/krb5.conf''</font> and replace the example values according to your network configuration:
+JGSS is another Java Standard API, which has to be configured with your network information. Please edit the provided example file ''/conf/krb5.conf'' and replace the example values according to your network configuration:
 <code>
@@ Line 55: / Line 56: @@
 .<ad-dns-domain> = PKITBUILD.ER.METHODPARK.DE
 <ad-dns-domain> = PKITBUILD.ER.METHODPARK.DE
 </code>
@@ Line 62: / Line 64: @@
 |<ad-dns-domain>|The DNS domain which belongs to the Active Directory.|
-Example:
+Example:<code>
-<code>
 [libdefaults]
 default_realm = PKITBUILD.ER.METHODPARK.DE
@@ Line 77: / Line 78: @@
 .pkitbuild.er.methodpark.de = PKITBUILD.ER.METHODPARK.DE
 pkitbuild.er.methodpark.de = PKITBUILD.ER.METHODPARK.DE
 </code>
+=== AES-256 encryption ===
+To use AES-256 encryption add  aes256-cts  to the list of  default_tkt_enctypes  and  default_tgs_enctypes .
 === Configuration Test ===
@@ Line 83: / Line 89: @@
 To test your JAAS and JGSS configuration in a Stages server environment proceed in the way described below:
-  * Open a command prompt and change to the <PKIT_HOME> directory.
+  * Open a command prompt and change to the <stages> directory.
-  * Type ''bin\testAutoLogin.bat ''  (on Windows) or ''bin/testAutoLogin.sh''  (on Unix) and hit enter.
+  * Type ''bin\testAutoLogin.bat''  (on Windows) or ''bin/testAutoLogin.sh'' (on Unix) and hit enter.
   * Watch the command prompt for output messages.
+===   ===
 \\