The Kerberos client is registered with the principal database of the KDC. The API that
you want to access is registered with the KDC. A valid Kerberos configuration file is
available.
Before you begin
Before you configure webMethods API Gateway to use
Kerberos authentication, can Ensure that:
- A working Key Distribution Center (KDC) is set up.
- The KDC is configured as an LDAP directory, for authenticating incoming requests with Kerberos
tickets.
Procedure
- Open the menu options and select
Administration.
- Select .
- Click Edit.
- Provide or modify the information as required.
| Field |
Description |
| Realm |
Optional. The domain name of the Kerberos server, in uppercase letters. Note:
A value specified for realm overwrites the realm set in the KDC configuration file specified in
Kerberos configuration file.
|
| Key distribution center |
Optional. The hostname of the machine on which the KDC stays. A value
specified for Key distribution center overwrites the default key distribution center set in the KDC
configuration file specified in Configuration file. |
| Configuration file |
The location of the Kerberos configuration file that contains the Kerberos
configuration information, including the locations of KDCs, defaults for the realm and for Kerberos
applications, and the host names and Kerberos realms mappings. |
| Use subject credentials |
Specifies whether webMethods API Gateway requires a Kerberos V5 Generic Security Services
(GSS) mechanism to obtain the necessary credentials from an existing subject set up by the JAAS
authentication module. Here, subject represents the user or service being authenticated in the JAAS
login context. |
- Click OK.