Hi I'm trying to make run an example found on the java.sun.com web site. This example is issued of a paper called "Single Sign-on Using Kerberos in Java" and is based on JAAS and the GSS-API.
If I understand Kerberos all right, the Kerberized service (called server in this example) and the KDC have to share a secret key. This shared secret key will be encrpyted with the client's secret key and returned by the TGS, when the client requests a service ticket. Now, I want to make this run on the following environment: KDC: Windows 2003 client: Windows XP with Java 1.4.2 server: Solaris with Java 1.4.2 There are two things I don't understand: 1) When will the client request the service ticket? (How does it request a service ticket, using JAAS and GSS?) 2) How do the Kerberized service and the KDC share the secret keys? My understanding is that there must be one shared key per pair of user/service, is that right? (I've found something about a microsoft tool called ktpass, but i think it is only used to bound the service principal to the windows account name.) Thanks in advance Claude ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
