Kerberos Options

This section provides the following configuration options:

• Kerberos Configuration File - The name and location of the Kerberos configuration file. Example: C:\example-Kerb\krb5.ini or /usr/local/example-kerb/krb5.conf

  A sample configuration file is provided :

•           [libdefaults] default_realm = $REALM-NAME$
            default_tkt_enctypes = aes128-cts rc4-hmac des3-cbc-sha1 des-cbc-md5 des-cbc-crc
            default_tgs_enctypes = aes128-cts rc4-hmac des3-cbc-sha1
            des-cbc-md5 des-cbc-crc
            permitted_enctypes = aes128-cts rc4-hmac
            des3-cbc-sha1 des-cbc-md5 des-cbc-crc
            [realms]
            $REALM-NAME$ = {
            kdc = $KDC-HOST$
            default_domain = $DEFAULT-DOMAIN$
            }
            [domain_realm]
            .$DOMAIN-REALM$ = $DOMAIN-REALM$
           

• JAAS Login Configuration File - The name and location of the JAAS Login configuration file. Example: C:\exampleKerb\login.conf or /usr/local/examplekerb/login.conf

              com.sun.security.jgss.login {
              com.sun.security.auth.module.Krb5LoginModule required
              client=TRUE useTicketCache=true
              debug=true;};
              com.sun.security.jgss.initiate
              { com.sun.security.auth.module.Krb5LoginModule required
              client=TRUE useTicketCache=true debug=true; };
              com.sun.security.jgss.accept
              { com.sun.security.auth.module.Krb5LoginModule
              required client=TRUE useTicketCache=true debug=true; };