Using a JAAS Login Configuration File

You can provide your Kerberos credentials in a JAAS login configuration file.

The file must specify doNotPrompt=true. It also must include either a keytab file and principal name, or a credential path.

To configure Kerberos authentication using a JAAS Login configuration file:

1. Create a JAAS login configuration file that includes either a keytab file and principal name, or a credential path.

   For example, the configuration file below includes a keytab file and principal name:

   Client {

   com.sun.security.auth.module.Krb5LoginModule required

   useKeyTab=true

   keyTab="C:\kerberos\keytab.krb"

   principal="host@REALM"

   doNotPrompt=true;

   };

   As another example, the configuration file below includes a credential path:

   Client {

   com.sun.security.auth.module.Krb5LoginModule required

   useTicketCache=true

   ticketCache="C:\Kerberos\ticketcache"

2. To configure Authentication, set
   

   doNotPrompt=true;};

3. Set the java.security.auth.login.config system property to the location of the JAAS file.

   For example: C:\KerberosLoginConfig.ini.

Related topics

• Using LDAP Authentication
• Using Password File Authentication
• Security and Authentication
• Authentication Connector Configuration Options
• Building the Connection URL