Kerberos Authentication Issue
Florian Weimer
fw at deneb.enyo.de
Fri Jul 22 21:22:24 UTC 2016
* Carlos Gunners:
> When I try to connect a java app (tomcat8 container, openjdk-7-jre v 7u101,
> debian jessie) to this ldap service via GSSAPI/kerberos using a keytab for
> auth, it repeatedly fails .. initially failing to find the service
> principal in kerberos via its non-canonical hostname (meaning that the java
> app totally ignores rdns setting, and thus does no reverse dns check before
> trying to obtain a ticket).
Would be a service principal selection based on reverse DNS even
secure?
More information about the security-dev
mailing list