Kerberos with delegation
843810 Aug 15 2007 — edited Aug 20 2007
Greetings,
Scenario:
We have an HTTP web server set up to do Kerberos authentication.
We are able to get the delegated credential from the client in this server. At this point we want to use the delegated credential to make calls to back end services. I found no sample code and not enough documentation on how to do this.
We are using Java 6.
Here is our code, and we are getting the exception GSSException: Defective token detected
    delegatedCred = serverContext.getDelegCred();
    // create service name
    GSSName service = manager.createName(
        "serviceName@domain",
        krb5PrincipalNameType
    );
    GSSContext context = manager.createContext(
        service,
        spnegoOid,
        delegatedCred, // This is the delegated credential we got in the server
        GSSContext.DEFAULT_LIFETIME
    );
    ByteArrayOutputStream stream = new ByteArrayOutputStream();
    ByteArrayInputStream in = new ByteArrayInputStream(new byte[0]);
    while (!context.isEstablished()) {
        int byteCount = context.initSecContext(in, stream);
        stream.flush();
    }
Is this the right way to do it? Any inputs, ideas, comments on what we are missing?
Thank you!
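
For reference, an added example that is not part of the original post: one way to initiate a context to a back-end service with the delegated credential, using the byte-array form of initSecContext so that each call after the first is given the token the back end actually returned. The class name DelegatedCall, its method names and the service name in the comment are assumptions made for illustration; the SPNEGO OID stands in for the post's spnegoOid.

```java
import org.ietf.jgss.*;

/** Added example: calling a back-end service as the original client. */
public final class DelegatedCall {
    // SPNEGO mechanism OID, as used for HTTP Negotiate authentication.
    private static final String SPNEGO_OID = "1.3.6.1.5.5.2";

    /**
     * Creates an initiator context that acts on behalf of the original client.
     * backendService is a host-based name such as "HTTP@backend.example.com"
     * (placeholder value, not taken from the post).
     */
    public static GSSContext newBackendContext(GSSContext serverContext, String backendService)
            throws GSSException {
        // getDelegCred() is only meaningful once the front-end context is fully
        // established and the client actually delegated its credential.
        if (!serverContext.isEstablished() || !serverContext.getCredDelegState()) {
            throw new GSSException(GSSException.NO_CRED);
        }
        GSSCredential delegatedCred = serverContext.getDelegCred();

        GSSManager manager = GSSManager.getInstance();
        GSSName service = manager.createName(backendService, GSSName.NT_HOSTBASED_SERVICE);
        GSSContext context = manager.createContext(
                service, new Oid(SPNEGO_OID), delegatedCred, GSSContext.DEFAULT_LIFETIME);
        context.requestMutualAuth(true);  // also verify the back end's identity
        context.requestCredDeleg(false);  // do not forward the credential any further
        return context;
    }

    /**
     * Performs one handshake step. Pass an empty array on the first call and the
     * token received from the back end on later calls. Returns the token to send
     * next, or null when nothing more needs to be sent.
     */
    public static byte[] nextToken(GSSContext context, byte[] tokenFromPeer)
            throws GSSException {
        if (context.isEstablished()) {
            return null;
        }
        return context.initSecContext(tokenFromPeer, 0, tokenFromPeer.length);
    }
}
```

The caller transports each returned token to the back end (for HTTP, Base64-encoded in an Authorization: Negotiate header) and passes the decoded reply token to the next nextToken call until the context is established.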