Secure JBoss with SPNEGO with multiple hostnames

Solution Verified - Updated -

Issue

  • Is it possible to configure two possible service principal names because clients may either use host1.company.com or host2.company.com?
  • We have a single AD service account - adserviceuseraccount - with which we want to associate 3 SPNs:

    HTTP/jbosshost1.local.network@LOCAL.NETWORK
    HTTP/jbosshost2.local.network@LOCAL.NETWORK
    HTTP/jbosshost3.local.network@LOCAL.NETWORK
    

    The above SPNs represent the hostnames of the web servers we want to authenticate with Kerberos/SPNego. Is this possible ? How can we configure this with JBoss ?

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP)
    • 5.x
    • 6.x
    • 7.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In