https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #26 from Michael Osipov <1983-01...@gmx.net> 2011-03-28 04:40:34 EDT --- Mark, here's what you need to make it run: I expect you/someone to have an already working AD environment where the server with tomcat running is registered in the domain, have an SPN set and an keytab created for that service account. This is what you need to configure your setenv.sh: KERBEROS_CONFIG="-Djava.security.auth.login.config=$CATALINA_HOME/conf/jaas.conf -Djavax.security.auth.useSubjectCredsOnly=false -Djava.security.krb5.conf=/etc/krb5.conf" The jaas.conf contains the login module pointing to the keytab or a already preloaded ticket cache. The krb5.conf is Unix usual with you realm and other realms used with tomcat. Pass KERBEROS_CONFIG to your JAVA_OPTS and make it run. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
