在 Windows 上针对 AD 进行身份验证的 Java 进程 (kerberos)
我知道只要我有明文用户名和密码,我就可以调用 Active Directory 并进行查询。 (我不想这样做)
在VB中,我可以按NT组设置授权级别 - 并且用户不必输入密码,也不必将其存储在文本文件中。 (我的理解是,这可以访问Windows AD票证)。
如何从 Windows 中用户登录的会话中获取 kerberos 票证? (无需询问用户名和密码)。
这似乎到达那里: Java 和 Kerberos 身份验证 krb5.conf 与 System.setProperty 但没抢到票。
(听起来我必须使用 JNA 调用 Win32 API 才能获取 kerberos 票证 - 我希望有一种更简单的方法。)
I'm aware I can call out to Active Directory and do queries provided I have a cleartext username and password. (I don't want to do that)
In VB, I can set authorisation levels by NT group - and the user doesn't have to enter their password nor, store it in a text file. (My understanding is that this has access to the Windows AD ticket).
How can I get the kerberos ticket from the user's logged in session in windows? (without asking for a username and password).
This appears to get there:
Java and Kerberos authentication krb5.conf versus System.setProperty
But doesn't get the ticket.
(It is beginning to sound like I'll have to call the Win32 API with JNA to get the kerberos ticket - I'm hoping there is a simpler way.)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您应该从这个 一。它将指导您完成获取特定服务器的服务票证的步骤。请注意,客户端计算机和帐户必须是域的一部分。
You should start with this one. It will guide your through the steps to obtain a service ticket for a specific server. Beware that the client machine and account have to part of the domain.