[prev in list] [next in list] [prev in thread] [next in thread]
List: tomcat-user
Subject: catalina.authentication
From: Keith Brown <keith6014 () gmail ! com>
Date: 2017-10-27 0:54:47
Message-ID: CAPPhDfhNJxYBS4GyX+2QdKX9bV1wbr=EBW=QcSv=QPetZ5G6kA () mail ! gmail ! com
[Download RAW message or body]
In my log file, I keep seeing Unable to login as service principal. (kerberos).
I followed these instructions:
https://tomcat.apache.org/tomcat-8.0-doc/windows-auth-howto.html
here is what I did:
I created a DNS entry for my intranet server. "pluto"
Ask my NT admin to create me a domain user (web_user)
Have the Admin create a service principal name HTTP/pluto.site.org
She created a keytab file for me.
in ../Catalina/localhost/app.xml
I put
<Context>
<Valve classname="org.apache.catalina.authenticator.SpnegoAuthenticator />
<Realm classname="org.apache.catalina.realm.JAASRealm"
allRolesMode="authOnly" />
</Context>
In my WEB-INF/web.xml
Added <login-config> <auth-method>SPNEGO</auth-method> </login-config>
And put some security-constraints.
I restrated tomccat (version 8). And i see this message.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic