
How to change kerberos passwords in Java

I have to admin kerberos users directly in Java (J2EE web-app). How can I do the equivalent to kpasswd (or kadmin) command with/without extra lib? I found a few commercial APIs but they are very expensive...

Thank you for your help

The Kerberos Change Password protocol has been implemented in ApacheDS http://directory.apache.org/ .

« Besides LDAP it supports Kerberos 5 and the Change Password Protocol. »

It's in Java, Open Source and Free as in beer.

Can you just invoke kpasswd from your application?

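import java.io.BufferedReader;
import java.io.InputStreamReader;

// Note: arguments passed on the command line are visible to other local users in the process list.
String cmd = "kpasswd -principal foo -passwd bar";
Runtime rt = Runtime.getRuntime();
Process pr = rt.exec(cmd);
// Read the output before waiting, so a full pipe buffer cannot block the child process.
try (BufferedReader r = new BufferedReader(new InputStreamReader(pr.getInputStream()))) {
  String line;
  while ((line = r.readLine()) != null) {
    // TODO process response
  }
}
int exitCode = pr.waitFor(); // exit status of the kpasswd process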

Using ApacheDS - Maven:

<dependency>
    <groupId>org.apache.directory.server</groupId>
    <artifactId>kerberos-client</artifactId>
    <version>2.0.0-M21</version>
</dependency>

Java:

KdcConfig config = KdcConfig.getDefaultConfig();
config.setHostName("ldap.server.cz");
config.setUseUdp(false);

Set<EncryptionType> enct = new HashSet<EncryptionType>();
enct.add(EncryptionType.AES256_CTS_HMAC_SHA1_96);
config.setEncryptionTypes(enct);

KdcConnection conn = new KdcConnection(config);
ChangePasswordResult res = conn.changePassword(userPrincipal, userPassword, "NewPassword");
if (res.getCode().compareTo(ChangePasswordResultCode.KRB5_KPASSWD_SUCCESS) == 0) {
    System.out.println("Password was changed!");
} else {
    System.out.println("Password change error - " + res.getCode().name());
}

You have to allow port 464 (tcp or udp, depends on what protocol you use).

The problem is that this returns KRB5_KPASSWD_MALFORMED all the time :( Error codes description - https://www.ietf.org/proceedings/50/ID/cat-kerberos-set-passwd-04.txt .
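For diagnosing replies such as KRB5_KPASSWD_MALFORMED, the following added example (not from the answers above and not ApacheDS code) splits a change-password reply into its parts and decodes the result code, assuming the RFC 3244 wire layout. The class name `KpasswdReply`, its methods and the sample bytes are constructed for illustration; decrypting the KRB-PRIV to obtain the user-data is not shown.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;

public class KpasswdReply {
    // Result codes 0-7 as listed in RFC 3244.
    static final String[] CODES = {
        "KRB5_KPASSWD_SUCCESS", "KRB5_KPASSWD_MALFORMED", "KRB5_KPASSWD_HARDERROR",
        "KRB5_KPASSWD_AUTHERROR", "KRB5_KPASSWD_SOFTERROR", "KRB5_KPASSWD_ACCESSDENIED",
        "KRB5_KPASSWD_BAD_VERSION", "KRB5_KPASSWD_INITIAL_FLAG_NEEDED" };

    /** Splits a reply into {AP-REP, KRB-PRIV or KRB-ERROR}; rejects inconsistent lengths. */
    static byte[][] split(byte[] msg) {
        if (msg.length < 6) throw new IllegalArgumentException("shorter than the 6-byte header");
        ByteBuffer b = ByteBuffer.wrap(msg);             // big-endian by default
        int msgLen = b.getShort() & 0xFFFF;              // total message length
        int version = b.getShort() & 0xFFFF;             // 0x0001 in replies (RFC 3244)
        int apLen = b.getShort() & 0xFFFF;               // AP-REP length
        if (msgLen != msg.length)
            throw new IllegalArgumentException("length field " + msgLen + " != " + msg.length);
        if (version != 0x0001)
            throw new IllegalArgumentException("unexpected version 0x" + Integer.toHexString(version));
        if (apLen > b.remaining())
            throw new IllegalArgumentException("AP-REP length overruns message");
        byte[] apRep = new byte[apLen];                  // zero length: a KRB-ERROR follows, not a KRB-PRIV
        b.get(apRep);
        byte[] rest = new byte[b.remaining()];
        b.get(rest);
        return new byte[][] { apRep, rest };
    }

    /** Decodes the user-data recovered from the KRB-PRIV: 2-byte result code, then a text string. */
    static String describe(byte[] userData) {
        if (userData.length < 2) throw new IllegalArgumentException("user-data lacks a result code");
        int code = ByteBuffer.wrap(userData).getShort() & 0xFFFF;
        String name = code < CODES.length ? CODES[code] : "unknown";
        String text = new String(userData, 2, userData.length - 2, StandardCharsets.UTF_8);
        return code + " " + name + (text.isEmpty() ? "" : ": " + text);
    }

    public static void main(String[] args) {
        // Constructed sample: 6-byte header, 3 placeholder AP-REP bytes, 4 placeholder KRB-PRIV bytes.
        byte[] reply = { 0, 13, 0, 1, 0, 3, 'A', 'P', 'R', 'P', 'R', 'I', 'V' };
        byte[][] parts = split(reply);
        System.out.println("AP-REP " + parts[0].length + " bytes, body " + parts[1].length + " bytes");
        // Constructed user-data as it would look after decrypting the KRB-PRIV.
        byte[] userData = { 0, 1, 'b', 'a', 'd', ' ', 'r', 'e', 'q' };
        System.out.println(describe(userData));
    }
}
```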
