I want to access an LDAP directory in Java using a keytab. However, my keytab appears as null.

Password access works with this code after the LoginContext has been created (I get my tickets in Kerberos):

```java
// Bind to the directory using SASL/GSSAPI (Kerberos)
Hashtable<String, String> env = new Hashtable<>();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.SECURITY_AUTHENTICATION, "GSSAPI");
env.put(Context.PROVIDER_URL, "ldap://localhost/");
final DirContext ctx = new InitialDirContext(env);
Attributes attributes = ctx.getAttributes("cn=user1,ou=people,dc=example,dc=com");
```

I use the following code to try to access the directory via the keytab file, but it always asks me to enter a password:

```
JaasClient {
  com.sun.security.auth.module.Krb5LoginModule required
    client=true
    useKeyTab=true
    keytab="/etc/security/keytabs/users3.keytab"
    debug=true
    storeKey=true
    principal="[email protected]";
};
```

```java
// Build the directory context with the JAAS entry named "JaasClient"
DirContextSource.Builder builder = new DirContextSource.Builder("ldap://localhost");
builder.gssApiAuth("JaasClient");
DirContextSource contextSource = builder.build();
DirContext ctx = contextSource.getDirContext();
Attributes attributes = ctx.getAttributes("cn=user1,ou=people,dc=example,dc=com");
```

Error:

```
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is null
Key for the principal users3@REALM not available in default key tab
```

Can someone tell me what I am doing wrong?

  • Test the keytab is correct with kinit before assuming everything is correct. Commented Jun 7, 2023 at 17:59
  • You haven't shared any usable information, but the output from the Krb5LoginModule only. BTW, thanks for trying out my library. Commented Jul 11, 2023 at 19:43
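
Added example (not code from the question or from the library used in it): the debug output reports `KeyTab is null`, and `Krb5LoginModule` option names are case-sensitive (the documented name is `keyTab`), with unrecognised names silently ignored. This check loads a constructed copy of the entry through the JDK's own JAAS parser and lists every option the module would not read; the principal is a placeholder and Java 15+ is assumed for the text block.

```java
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.URIParameter;
import java.util.Map;
import java.util.Set;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;

public class JaasKrb5OptionCheck {
    // Option names documented for com.sun.security.auth.module.Krb5LoginModule (case-sensitive).
    static final Set<String> KNOWN = Set.of(
        "refreshKrb5Config", "useTicketCache", "ticketCache", "renewTGT",
        "doNotPrompt", "useKeyTab", "keyTab", "storeKey", "principal",
        "isInitiator", "debug", "useFirstPass", "tryFirstPass",
        "storePass", "clearPass");

    // Constructed sample mirroring the entry in the question (placeholder principal).
    static final String SAMPLE = """
        JaasClient {
          com.sun.security.auth.module.Krb5LoginModule required
            client=true
            useKeyTab=true
            keytab="/etc/security/keytabs/users3.keytab"
            storeKey=true
            principal="user@EXAMPLE.COM";
        };
        """;

    public static void main(String[] args) throws Exception {
        Path file = Files.createTempFile("jaas", ".conf");
        Files.writeString(file, SAMPLE);
        // Parse with the JDK's own JAAS file parser, so we see what the JVM sees.
        Configuration cfg = Configuration.getInstance("JavaLoginConfig", new URIParameter(file.toUri()));
        for (AppConfigurationEntry e : cfg.getAppConfigurationEntry("JaasClient")) {
            Map<String, ?> opts = e.getOptions();
            for (String name : opts.keySet()) {
                if (KNOWN.contains(name)) continue;
                // Suggest the documented spelling when only the letter case differs.
                String hint = KNOWN.stream().filter(k -> k.equalsIgnoreCase(name))
                    .findFirst().map(k -> " (did you mean \"" + k + "\"?)").orElse("");
                System.out.println("ignored option: " + name + hint);
            }
            if ("true".equalsIgnoreCase(String.valueOf(opts.get("useKeyTab")))
                    && !opts.containsKey("keyTab")) {
                System.out.println("useKeyTab=true but no keyTab: default keytab is used");
            }
        }
        Files.delete(file);
    }
}
```

Running the same check against a deployed JAAS file only needs the path and entry name changed; it reads the configuration and never touches the keytab or the KDC.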
