Kerberos constrained delegation with protocol transition in java on linux

Question

I am not able to find any examples of how constrained delegation with protocol transition is done using JAAS/GSS api's on linux. Appreciate any pointers on this.

I've summarized all the necessary details here: https://stackoverflow.com/a/57377671/1471779 — Bhushan Karmarkar, Aug 06 '19 at 13:54

score 1 · Answer 1 · answered Oct 16 '11 at 18:14

1

I guess, there is only support for credential delegation. You cannot specify the explicit target hosts.

answered Oct 16 '11 at 18:14

Michael-O

18,123
6
55
121

2

yep java doesn't have support for credential delegation with protocol transition, had to buy a proprietary library to get that support. – Vikram Nov 07 '11 at 08:37
1

Which one was it? Out of curiousity. – Michael-O Nov 07 '11 at 08:55
I´m also curious on which one you used. Can you please tell which one was it? Thanks. – jmend Apr 23 '12 at 21:35
Probably [this](http://www.quest.com/single-sign-on-for-java/) product from Quest Software. – Michael-O Apr 24 '12 at 08:27
Not exactly a duplicate, but related: http://stackoverflow.com/questions/10099321/how-to-implement-kerberos-protocol-transition-in-java-s4u2self – armb Oct 08 '13 at 14:13
1

Constrained delegation has been implemented in Java 8: http://docs.oracle.com/javase/8/docs/technotes/guides/security/enhancements-8.html – greenmarker Apr 20 '15 at 14:18

Kerberos constrained delegation with protocol transition in java on linux

1 Answers1