57 lines
4.8 KiB
HTML
57 lines
4.8 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="concept" />
|
|
<meta name="DC.Title" content="Obtaining Kerberos credentials and creating secret keys" />
|
|
<meta name="abstract" content="The GSS-API does not define a way to get credentials. For this reason, the IBM JGSS Kerberos mechanism requires that the user obtain Kerberos credentials. This topic instructs you on how to obtain Kerberos credentials and create secret keys, and about using JAAS to perform Kerberos logins and authorization checks and review a list of JAAS permissions required by the Java virtual machine (JVM)." />
|
|
<meta name="description" content="The GSS-API does not define a way to get credentials. For this reason, the IBM JGSS Kerberos mechanism requires that the user obtain Kerberos credentials. This topic instructs you on how to obtain Kerberos credentials and create secret keys, and about using JAAS to perform Kerberos logins and authorization checks and review a list of JAAS permissions required by the Java virtual machine (JVM)." />
|
|
<meta name="DC.Relation" scheme="URI" content="rzahajgssuse.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzahajgssusejaas10.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzahajgssusejaas20.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzahajgssconfigs.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="rzahajgssusejaas" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Obtaining Kerberos credentials and creating secret keys</title>
|
|
</head>
|
|
<body id="rzahajgssusejaas"><a name="rzahajgssusejaas"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Obtaining Kerberos credentials and creating secret keys</h1>
|
|
<div><p>The GSS-API does not define a way to get credentials. For this
|
|
reason, the IBM<sup>®</sup> JGSS
|
|
Kerberos mechanism requires that the user obtain Kerberos credentials. This
|
|
topic instructs you on how to obtain Kerberos credentials and create secret
|
|
keys, and about using JAAS to perform Kerberos logins and authorization checks
|
|
and review a list of JAAS permissions required by the Java™ virtual
|
|
machine (JVM). </p>
|
|
<p>You can obtain credentials by using one of the following methods:</p>
|
|
<ul><li><a href="rzahajgssusejaas10.htm">Kinit and Ktab tools</a></li>
|
|
<li><a href="rzahajgssusejaas20.htm">Optional JAAS Kerberos login interface</a></li>
|
|
</ul>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzahajgssuse.htm" title="The IBM Java Generic Security Service (JGSS) API 1.0 shields secure applications from the complexities and peculiarities of the different underlying security mechanisms. JGSS uses features provided by Java Authentication and Authorization Service (JAAS) and IBM Java Cryptography Extension (JCE).">Running IBM JGSS applications</a></div>
|
|
</div>
|
|
<div class="relconcepts"><strong>Related concepts</strong><br />
|
|
<div><a href="rzahajgssusejaas10.htm" title="Your choice of a JGSS provider determines which tools that you use to obtain Kerberos credentials and secret keys.">The Kinit and Ktab tools</a></div>
|
|
<div><a href="rzahajgssusejaas20.htm" title="IBM JGSS features a Java Authentication and Authorizaiton Service (JAAS) Kerberos login interface. You can disable this feature by setting the Java property javax.security.auth.useSubjectCredsOnly to false.">JAAS Kerberos login interface</a></div>
|
|
<div><a href="rzahajgssconfigs.htm" title="JGSS and JAAS depend on several configuration and policy files. You need to edit these files to conform to your environment and application. If you do not use JAAS with JGSS, you can safely ignore the JAAS configuration and policy files.">Configuration and policy files</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |