2 Replies Latest reply on Mar 5, 2014 8:38 PM by KALPANA dokala

    spnego configuration (application deployed on unix)

    KALPANA dokala Newbie



      I have a intranet application with jboss app server 7.1.1 deployed on unix.

      I need to do integrated windows authentication for my application.


      My ldap server is ADS.  I need clear steps of configuration of doing this.

      I am not using any spring framework and i have already done with login.xhtml with a webfilter. It is working fine.


      Any help is appreciated




        • 1. Re: spnego configuration (application deployed on unix)
          Peter Skopek Newbie

          Hi Kapana!

          Try to start with this document: https://community.jboss.org/wiki/DRAFTUsingJBossNegotiationOnAS7

          I think it is clear enough to start with.



          • 2. Re: spnego configuration (application deployed on unix)
            KALPANA dokala Newbie

            Hi Peter,


            Thank you for your information and quick reply.

            Based on the link , I need to get the information of adc server and environment.

            After i get Kerberos realm and   KDC information from my network,do i  need to add below configuration under standalone.xml of jboss server?


            Could you please explain what is testserver substitution? 


            is this the same value "/home/username/service.keytab"  or  for keytab?





                  <property name="java.security.krb5.kdc" value="mykdc.mydomain"/>

                  <property name="java.security.krb5.realm" value="MY_REALM"/>




                <security-domain name="host" cache-type="default">


                    <login-module code="Kerberos" flag="required">

                      <module-option name="storeKey" value="true"/>

                      <module-option name="useKeyTab" value="true"/>

                      <module-option name="principal" value="host/testserver@MY_REALM"/>

                      <module-option name="keyTab" value="/home/username/service.keytab"/>

                      <module-option name="doNotPrompt" value="true"/>

                      <module-option name="debug" value="false"/>






            Thanks for your time and help.