krb5.conf:
[logging]
default = FILE:/var/log/kerberos/krb5libs.log
kdc = FILE:/var/log/kerberos/krb5kdc.log
admin_server = FILE:/var/log/kerberos/kadmind.log
[libdefaults]
default_realm = LOCAL.NETWORK
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
permitted_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
[realms]
LOCAL.NETWORK = {
kdc = kerberosMachine.local.network
admin_server = kerberosMachine.local.network
}
[domain_realm]
local.network = LOCAL.NETWORK
.local.network = LOCAL.NETWORK
[login]
krb4_convert = false
krb4_get_tickets = false
login.conf:
KerberosClient {
com.sun.security.auth.module.Krb5LoginModule required useTicketCache=true;
};
KerberosServer {
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=true keyTab="/etc/krb5.keytab"
doNotPrompt=true
storeKey=true
principal="Service/glassfishMachine.local.network@LOCAL.NETWORK";
};
wsit-service.xml:
wsit-client.conf: