跨域/领域身份验证
这是我的问题:我找不到任何有关使用 java+kerberos 进行跨域身份验证的文档。我必须针对其他领域上的远程 LDAP 进行身份验证。 我们如何在java中做到这一点?
谢谢
编辑:
这是我的krb5.conf:
[libdefaults]
default_realm = REALM1
dns_lookup_realm = false
dns_lookup_kdc = falseforwardable
= true
[realms]
REALM1 = {
kdc = kerberos.my.url.domain1:88
admin_server = kerberos.my.url .domain1:749
默认域 = .
}
REALM2 = {
kdc = kerberos.my.url.domain2:88
admin_server = kerberos.my.url.domain2:749
}
[domain_realm]
.my.url.domain1 = REALM1
.my.url.domain2 = REALM2
跨领域工作当我在domain1上执行时在命令行中
ldapsearch -H "ldap:/my.url.domain2"
所以我想我的 krb5.conf 很好
Here is my problem: I can't find any document on cross domain authentication with java+kerberos. I have to authenticate against distant LDAP on other realm.
How can we do that in java?
Thank you
EDIT:
Here is my krb5.conf:
[libdefaults]
default_realm = REALM1
dns_lookup_realm = false
dns_lookup_kdc = false
forwardable = true
[realms]
REALM1 = {
kdc = kerberos.my.url.domain1:88
admin_server = kerberos.my.url.domain1:749
default_domain = .
}
REALM2 = {
kdc = kerberos.my.url.domain2:88
admin_server = kerberos.my.url.domain2:749
}
[domain_realm]
.my.url.domain1 = REALM1
.my.url.domain2 = REALM2
Cross-realm works in command line when I execute on domain1
ldapsearch -H "ldap:/my.url.domain2"
so I suppose my krb5.conf is good
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
根据 LDAP 进行身份验证与利用 Kerberos 进行身份验证不同。
您能否提供更多有关您需要完成的任务的背景信息。例如:
Authenticating against an LDAP is not the same as authenticating with Kerberos.
Could you give some more backgroung on what it is you need to accomplish. For example: