[jcifs] KerberosAuthExample Double Service Ticket Request
Michael B Allen
ioplex at gmail.com
Fri May 18 12:01:39 MDT 2012
On Wed, May 9, 2012 at 7:10 PM, Mike Patnode <mpatnode at yahoo.com> wrote:
> So the problem was lack of the appropriate reverse DNS records. Given the
> number of customer sites I've seen with reverse DNS configured incorrectly
> (including my client's development environment), is there a way to disable
> this requirement?
Hi Mike,
The jcifs-krb5 package was submitted by another party who do not
frequent this list so unfortunately I don't think you're going to get
the answers your looking for. All of the NTLM code in JCIFS has to be
abstracted before we can fold in proper Kerberos support. And that
would be something for a 2.x version (which has been on the TODO list
for a many years now).
For all practical purposes NTLM is perfectly suitable for most use
cases. If you want to utilize existing Kerberos credentials obtained
by other means such as through delegation then of course Kerberos
support in JCIFS would be required to use them. Otherwise, you should
use NTLM. NTLM is actually much more robust than Kerberos (as
evidenced in part by your DNS issue).
Mike
--
Michael B Allen
Java Active Directory Integration
http://www.ioplex.com/
More information about the jCIFS
mailing list