Rebooting Kerberos configuration in JAVA without restarting the JVM

Question

Rebooting Kerberos configuration in JAVA without restarting the JVM

The following code is for authentication on a Windows AD server using Java + Kerberos, and it works great -

public class KerberosAuthenticator { public static void main(String[] args) { String jaasConfigFilePath = "/myDir/jaas.conf"; System.setProperty("java.security.auth.login.config", jaasConfigFilePath); String krb5ConfigFilePath = "/etc/krb5/krb5.conf"; System.setProperty("java.security.krb5.conf", krb5ConfigFilePath); boolean success = auth.KerberosAuthenticator.authenticate("testprincipal", "testpass"); System.out.println(success); } }

The above program is just a test program. Actual code will be run in tomcat webapp. The problem that I encountered is that if the krb5.conf file changes, then the same will not be reflected in tomcat if successful authentication has already occurred once with the earlier version of krb5.conf. New changes reflect only restart of tomcat.

I want to know if there is a way to tell the JVM to reload krb5.conf so that it gets the latest changes without restarting the JVM.

+8

java tomcat jaas kerberos

Keshav Sep 17 '09 at 7:43

source share

2 answers

When using IBM java, is this option not supported? Is there an alternative when using the IBM module:

com.ibm.security.auth.module.Krb5LoginModule

0

martinnovoty Jun 12 '19 at 11:14

source share

Keshav · Accepted Answer · 2009-09-17T07:53:51+0000

refreshKrb5Config=true should be set for KRB5LoginModule in jaas.conf.

Rebooting Kerberos configuration in JAVA without restarting the JVM

More articles: