Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Java process for authentication on Windows against AD (kerberos)

I'm aware I can call out to Active Directory and do queries provided I have a cleartext username and password. (I don't want to do that)

In VB, I can set authorisation levels by NT group - and the user doesn't have to enter their password nor, store it in a text file. (My understanding is that this has access to the Windows AD ticket).

How can I get the kerberos ticket from the user's logged in session in windows? (without asking for a username and password).

This appears to get there: Java and Kerberos authentication krb5.conf versus System.setProperty But doesn't get the ticket.

(It is beginning to sound like I'll have to call the Win32 API with JNA to get the kerberos ticket - I'm hoping there is a simpler way.)

like image 681
hawkeye Avatar asked Jul 17 '11 04:07

hawkeye


1 Answers

You should start with this one. It will guide your through the steps to obtain a service ticket for a specific server. Beware that the client machine and account have to part of the domain.

like image 104
Michael-O Avatar answered Nov 09 '22 19:11

Michael-O