hi,
I have been trying to use the NegotiateLoginModule from the page http://wiki.jboss.org/wiki/Wiki.jsp?page=NegotiateKerberos to log in a java client. (windows domain controller, windows client, linux jboss server).
I have a few questions on how to get this to work. I hope this is the appropriate place to ask.
My client side code looks like this below. So far I have gotten to the point where I am getting a callback from jboss with a challenge in it. I have the NegotiateLoginModule configured and in use on the server side - that seems to be working ok.
My questions are-
-on the client side, where is a password hash obtained to create a response?
-how does that password hash get used to create a response?
-what does the 'token' byte array get set to? (I see something called an impersonationToken in my Subject on the client side, but that is much too small to fill 8 bytes.
Anyway, any tips or clues to point me in the right direction would be much appreciated. Thanks.
client side code...
Map options = new HashMap();
options.put("debug", "true");
options.put("debugNative", "true");
Subject subject = new Subject();
NTLoginModule module = new NTLoginModule();
Map sharedState = new HashMap();
module.initialize(subject, null, sharedState, options);
try {
boolean in = module.login();
module.commit();
} catch (LoginException e) {
sLogger.error(e);
throw new SecurityException(e.getMessage());
}
CallbackHandler callbackHandler = new CallbackHandler() {
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
Callback callback = callbacks;
System.out.println("callback.getClass() = " + callback.getClass());
}
}
};
try {
LoginContext lc = new LoginContext("SPNEGO", subject, callbackHandler);
lc.login();
} catch (LoginException e) {
sLogger.error(e);
throw new SecurityException(e.getMessage());
}
InitialContext ctx = null;
try {
ctx = new InitialContext();
} catch (NamingException e) {
sLogger.error(e);
throw new RuntimeException(e);
}