Hi,
I have been trying to use the NegotiateLoginModule from the page http://wiki.jboss.org/wiki/Wiki.jsp?page=NegotiateKerberos to log in a Java client (Windows domain controller, Windows client, Linux JBoss server).
I have a few questions on how to get this to work. I hope this is the appropriate place to ask.
My client side code looks like this below. So far I have gotten to the point where I am getting a callback from JBoss with a challenge in it. I have the NegotiateLoginModule configured and in use on the server side - that seems to be working OK.
My questions are:
- On the client side, where is a password hash obtained to create a response?
- How does that password hash get used to create a response?
- What does the 'token' byte array get set to? (I see something called an impersonationToken in my Subject on the client side, but that is much too small to fill 8 bytes.)
Anyway, any tips or clues to point me in the right direction would be much appreciated. Thanks.
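Client side code...

    import java.io.IOException;
    import java.util.HashMap;
    import java.util.Map;
    import javax.naming.InitialContext;
    import javax.naming.NamingException;
    import javax.security.auth.Subject;
    import javax.security.auth.callback.Callback;
    import javax.security.auth.callback.CallbackHandler;
    import javax.security.auth.callback.UnsupportedCallbackException;
    import javax.security.auth.login.LoginContext;
    import javax.security.auth.login.LoginException;
    import com.sun.security.auth.module.NTLoginModule;

    // Options passed to NTLoginModule
    Map options = new HashMap();
    options.put("debug", "true");
    options.put("debugNative", "true");

    // Run NTLoginModule directly to populate the Subject from the current Windows logon
    Subject subject = new Subject();
    NTLoginModule module = new NTLoginModule();
    Map sharedState = new HashMap();
    module.initialize(subject, null, sharedState, options);
    try {
        boolean in = module.login();
        module.commit();
    } catch (LoginException e) {
        sLogger.error(e);
        throw new SecurityException(e.getMessage());
    }

    // Handler that only prints the class of each callback it receives
    CallbackHandler callbackHandler = new CallbackHandler() {
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (int i = 0; i < callbacks.length; i++) {
                Callback callback = callbacks[i];
                System.out.println("callback.getClass() = " + callback.getClass());
            }
        }
    };

    // Log in through the "SPNEGO" JAAS configuration entry with the populated Subject
    try {
        LoginContext lc = new LoginContext("SPNEGO", subject, callbackHandler);
        lc.login();
    } catch (LoginException e) {
        sLogger.error(e);
        throw new SecurityException(e.getMessage());
    }

    InitialContext ctx = null;
    try {
        ctx = new InitialContext();
    } catch (NamingException e) {
        sLogger.error(e);
        throw new RuntimeException(e);
    }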