-
Language:
English
-
Language:
English
Red Hat Training
A Red Hat training course is available for Red Hat JBoss Web Server
12.2.3. Configure the Kerberos Client
Use the following procedure to configure a Kerberos client for testing purposes:
Procedure 12.1. Configure the Kerberos Client
Create the Kerberos Configuration File
Create thekrb5.conf
configuration file in the/etc
directory and add the following to the file:[logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = EXAMPLE.COM default_tgs_enctypes = des-cbc-md5,des3-cbc-sha1-kd default_tkt_enctypes = des-cbc-md5,des3-cbc-sha1-kd dns_lookup_realm = false dns_lookup_kdc = false allow_weak_crypto = yes ticket_lifetime = 24h renew_lifetime = 7d forwardable = yes [realms] EXAMPLE.COM = { kdc = localhost:60088 admin_server = localhost:60088 } [domain_realm] .example.com = EXAMPLE.COM example.com = EXAMPLE.COM
Create a Key Tab
Create a key tab in the/etc/httpd
folder with the following contents:ktutil ktutil: addent -password -p HTTP/localhost@EXAMPLE.COM -k 0 -e des-cbc-md5 Password for HTTP/localhost@EXAMPLE.COM: secretpwd ktutil: list slot KVNO Principal ---- ---- --------------------------------------------------------------------- 1 0 HTTP/localhost@EXAMPLE.COM ktutil: wkt krb5.keytab ktutil: quit Under root user: chgrp apache /etc/httpd/krb5.keytab chmod 640 /etc/httpd/krb5.keytab
Check the Hosts File
Ensure that the following host configuration is included in the/etc/
hosts
file:127.0.0.1 localhost