Hello,I'm trying to authenticate a user against Active Directory with Java. It works well but when i'm trying to use special characters (like ? ? ? in the password, the kerberos logon fails. Do i have to encode my string in another format ? Does kerberos support these char ?The code: public ...

Hello:I am using j2sdk1.4.2_07 and attempting to incorporate single-signon. There is a very nice article describing all of the steps necessary @ http://e-docs.bea.com/wls/docs90/secmanage/sso.htmlMy problem is at the final step which uses the kinit utility to verify Kerberos authentication is ...

Hi,How can I use Kerberos authentication for my RMI clients? I have exposed my remote APIs and the clients should authenticate themselves and pass their security context before each call. Is there any example, tutorial available for this? The example given in Java SDK demonstrate message ...

Hi,Am using JOSSO and very new to this technology. I followed the steps as given in the guidelines page.After configuring my application, when executing am getting a message like this "Invalid Authentication Information" . I dont know why it is displaying this error.I followed exactly the ...

I have implemented a client for secure file exchange over HTTPS . Everything works fine, except that I occasionally get this SSLProtocolException: Unsupported SSL message version. This only happens during uploads and only if an upload immediately follows a download. And it's not consistent at ...

Hi all,im going to be really desperate from this error message during the authentization to the Win2003 server where the Active Directory is running ... Im using Krb5LoginModule. - Our administrator of the AD service has enabled DES encryption at the tested account. - Im sure that entered ...

Hi every one,I come to redefine my previous post, maybe I wasn't clear enough,that's why i seem to get no help...do some of you know how i can decode and handle myself SSO with AD ?To be more precise , I've already setup an clean config :An AD server (W2K3) on comupter "Main",an host for my ...

Hey.I've sprent pretty much all day reading and experimenting with the security stuff surrounding signed applets, it all seems fine except one ickle thing. I can't figure out how to get that popup security warning window asking the user to verify that it is ok for the applet to be granted ...

Hi,Am trying to use Java GSS Api(JDK 1.5) to perform kerberos authentication on a Windows 2003 server. Am following the steps specified in JDK docs.Am receiving following error while calling login on LoginContextDebug is true storeKey true useTicketCache false useKeyTab false doNotPrompt false ...

If I declare setBounds in mainprogram class I get the correct window but the submenu's are Blocked (isnt displayed - the submens' work fine if I remove setbounds line but then JFrame is very small again)I've tryed to enter setBounds() into the XXX class but that has no effect on the size of ...

Hi.... Im trying to develope SSO solution for our portals..... i found, currently on windows environment only Active Directory. can be used as kerberos database.... but our users profile are stored in my sql database.. is it possible to use kerberos to authenticate users again mysql ...

Hi,I have a problem with signed applets in IE. I#m using JDeveloper to develop a simple applet which needs to connect to database in order to perform certain tasks. when I try to use self-signed cab files - I get error "load class --myClassName-- not found". If I have plug-in code in html page ...

I hope this is a newbie question for you guys out there since I've been googling for a solution for days but no luck so far. I am trying to learn JAAS programming and got started from a very simple example where a client authenticate to kerberos and send messages to a echo server. I am using ...

Hi all,Could u pls tell me how to make or configured NT service for tomcat for Https or SSL enabled. Pls provide configuration document if possible.

Hi, Actually i have created a web application uses GSSAPI(java1.6) . Implemented SPNEGO in the web application.. But the problem is , if AD(Active Directory windows 2003) and webserver (tomcat) is in same machine, my application is working properly when i browser through the IE. But the same ...

dear all,can i ask u to do me a favor to help me find a part of example malicious source code that is still able to execute despite Java抯 security measures cause i need it as a example in my report. i can't find any on google. thanks so much.

Hi there,I am thinking about creating a Java project that requires some authentification routines.Users (which are given a unique user ID) are employing a client software (Java) that retrieves specific data from a webserver (available ressources HTML, SSI, PHP, .htaccess).A user should be able ...

Hi, I currently have Apache 2.2.4 with mod_auth_kerb 5.3 running on Linux. I followed the instructions in http://www.grolmsnet.de/kerbtut/ to setup authentication against windows 2000 as KDC. I also configured IE to support SPNEGO so that i can do transparent authentication. Everything works ...

Hi all,I am using Java 1.2.2 with the JSSE 1.0.2 extension installed. I have what I am fairly sure is a PKCS12 keystore generated by an AS400 which I am trying to load - code snippet below:KeyStore ks = KeyStore.getInstance("PKCS12", "SunJSSE");ks.load(new FileInputStream(keystoreName), ...

I am developing a single sign-on module for our company's Intranet site. I am using jcfis extended version, which supports Kerberos authentication. It requires a krb5.ini file in c:/winnt directory. I am using AuthenticationFilter class which will autheticate a request. I have Tomcat on my ...

Please, I am beginner with respect to the kerberos protocol and have some doubts of its use:1) Is Kerberos security suitable for financial applications?2) What are the advantages of kerberos with respect to SSL?3) Does Java provide full support for kerberos?Thank ...

Hi,Am relatively new in the domain of Java Security, JAAS and JGSS. After reading the tutorials and examples, I was able to do authentication and message transfer using Kerberos LoginModule. All the examples demonstrates message transfer and credential passing at socket level.But in normal ...

Hiii, i am trying to search my ldap, i am able to connect using kerberos, butwhen i perform ldap serach i am getting the below error messagejavax.naming.AuthenticationException: GSSAPI [Root exception is javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid ...

Hi,I have a pair of questions about authentication/validation of Kerberos tickets against Active Directory.I needed to validate a Kerberos Ticket obtained in a login to an Active Directory. I have done so with the next steps.a) I have modified the Krb5LoginModule so as to create the Credentials ...

Hi,In the examples I have seen, a SPENGO token is transferred from client to server via sockets. Once the token is obtained,GSS-APi calls like the following can be called to extract the userIdfrom the SPENGO token. In the code below,innerContextToken would be obtained after some socket based ...

<h1>My Web Page</h1></td></tr></span></table></td></tr></span></table></td></tr></span></table></td></tr></span></table></td></tr></span></table><h1>This ...

We have a setup with windows2000 and Kerberos/JGSS. Can someone provide me with the information as to what additional needs to be done so as to be able to authenticate a username given in UTF-8 data. The user authentication for ascii characters succeeds for me but fails while I enter usename ...

Hi All,I have configured mod_auth_kerb with apache. After kerberos authentication I am not able to get user name that is authenticated.In Apaches error log file the name of the user got printed.Can anybody tell me how to get it?Please guide ...

Our application is java based, and we use JAAS to allow authentication for the users though Active Directory.In particular we alwyas encourage our prospect clients to use Krb5LoginModule.We would1. add new user to AD , set DES for the account, reset the password2.setspn -A ...

Hi guys,I had a similar post in this subject before. Though got no reply. I guess the question was not clear. I could trace the prblem a bit more .. Any clue to help me find the source of problem is really appreciated !I have developed a client and a web service ( Axis 1.4 + tomcat 5).Client ...

I've to port a Java SSO client (working correctly on W2K) on Vista.Dispite having set allowtgtsessionkey on Vista, the client seam not to be able to acquire the session key. With a network sniffer on the client I get:No.TimeSourceDestinationProtocol Info1713 6.357615138.191.82.26 10.168.24.44 ...

All,I'm getting the following error on a Solaris 8 machine:kinit: KRB5 error code 52 while getting initial credentialsSo far my analysis shows this error to indicate the following:0x34 - KRB_ERR_RESPONSE_TOO_BIG - Too much dataAccording to a number of forums, some inheriant limitations exist ...

Hello Dudes,Can anybody tell the way how to develop an application with integrated windows domain authentication ? (By using Java)Help appriciated.And i don't know is it the correct forum to post. If it is not correct forum please reply me with links to the correct forums.Thanks in ...

Hi!The problem is in web application.The customer claims that this is not Kerberos implementation when the user has to write thery username and password by opening the web page.The problem is that there is more than 500 users whose browser should be modified. And customer does not accept the ...

My simple program: public static void main(String[] args) throws KrbException, IOException {Credentials c = Credentials.acquireDefaultCreds();System.out.println("default creds: " + c);Credentials s = Credentials.acquireServiceCreds("HTTP/test.xxx.xx", c);System.out.println("service creds: " + ...

I want to pull the PAC out of AD-generated Kerberos credentials.1) Do I need to obtain a KerberosTicket, which I then examine as an ASN.1 encoded byte array, or is there an easier way?2) If I want to get a KerberosTicket on the server side, after a client has juggled contexts with me, how do I ...

Are the tokens generated by context processsing shippable/receivable without any modification?Are the tokens compatible with the tokens processed/created by the MSFT equivalent of GSS-API?Alec

Hi,I am trying to read a file from the remote http location using the following program.import java.io.BufferedReader;import java.io.IOException;import java.io.InputStreamReader;import java.net.Authenticator;import java.net.MalformedURLException;import java.net.PasswordAuthentication;import ...

I've develped a signed applet which works with the java plugin 1.3.1 and a self signed certificate. while developing i followed the description from irene67 in this forum. every thing works perfektly apart from the grant access dialog. after installing my certificate and starting my applet ...

Hi all,I'm facing a problem : the kerberos related utilities (kinit/klist/kdestroy) have disappeared since Java 1.6, and only under Linux. In a Windows installation, there's no problem.My question is : how can I replace now these utilities ? Is it a bug in the JDK or JRE installation package ...

I use -Djava.security.Manager when running the test app and then call:java.lang.SecurityManager sm = System.getSecurityManager();System.out.println(sm == null); It always prints true! Why? How do I make the SecurityManager not null? ...

Hey,I am working on a single sign-on solution for smart clients (written in Java). Kerberos authentication with JAAS works fine, but what is the Java GSS API for? That - according to some Tutorials like "Single Sign-on Using Kerberos in Java" - is supposed to be executed in the Subject's doAs ...

I am attempting to write a proof of concept of Single Sign On using Kerberos and Active Directory.I have searched through these forums and found several suggestions which I have attempted to use, in fact my code snippet below comes from these forums.I have set the registry setting ...

Hello, I am implementing Single Sign-on feature using Kerberos in Java.Ours is a web based application. When user opens application using browser, it sends windows username to Web server, the Web server should try to get valid KerberosTicket for this user and if the ticket is valid the browser ...

Hi all, I want to know various reporting tools which are downladable , fast and can save in pdf,csv,xml,doc,xls formatsCan any one give me the answers

Hello!I am trying to integrate kerberos SSO into weblogic platform.Doing exactly as it is described here - http://dev2dev.bea.com.cn/techdoc/20060621823.htmlMy jaas config:com.sun.security.jgss.initiate {com.sun.security.auth.module.Krb5LoginModule requiredprincipal="HTTP/wl.dev.org@DEV.ORG" ...

I'm trying to write a Java Servlet Filter to perform kerberos through Spnego. I'm working with a windows 2003 Server (Enterprise Edition) but I keep getting prompted for the password. This obviously won't do for a server program so I'm trying to figure out a way around entering the password ...

Hello,Is there an way to destroy an existing Kerberos ticket with Java 1.6 ?I need to do multiple access to the same server but with different authentification.Thanks,Laurent

Hi experts !I use Basic Authentication with ISS + Tomcat. I want to get user information from request.getHeader("Authentication") in a servlet. I have decoded it by Base64 coding. And I have following content:Negotiate ...

Hi,I am trying to run the GSSClient/GSSServer example in the JAAS/JGSS tutorial. In the tutorial it says "So for the purposes of trying out this tutorial, you could use your user name as both the client user name and the service principal name. "As I dont have permissions to make modifications ...