Stack Overflow
Stack Overflow

Questions tagged [spring-security-kerberos]

Kerberos support for Spring Security.

Spring Security Kerberos - Kerberos support for Spring Security.

Spring Security is a popular, highly customizable authentication and authorization framework for Java/Java EE and is a de-facto standard for securing Spring-based applications. As a Java based security solution, it is mostly applicable for the Java-based web applications that are built upon Spring Security framework. The Spring Security framework can authenticate with any social or enterprise identity provider. The most popular and secure enterprise identity provider for Spring Security framework is Kerberos.

Official Website: http://static.springsource.org/spring-security/site/extensions/krb/

Useful Links:

Related Tags:

117 questions
1
vote
2 answers

How to access kerberos SPNEGO authenticated resource using spring rest template

I am running into issues while trying to access kerberos SPNEGO authenticated resource using spring rest client. I am using KerberosRestTemplate. From the docs Leave keyTabLocation and userPrincipal empty if you want to use cached ticket. But…
pratim_b
  • 1,160
  • 10
  • 29
1
vote
1 answer

IS Spring Security SPNEGO API CSRF safe?

I have implemented Spring Security extentions SPNEGO API for Single Singh On in my application. Can anyone help me to know, is kerberos protocol or SPNEGO is CSRF safe? Do i need to implement CSRF safety explicitly even i have implemented SPNEGO?
Ashish Chauhan
  • 486
  • 2
  • 8
  • 22
1
vote
2 answers

How to read principals and encrypted keys from Kerboros keytab file on Node JS?

I need to intercept a specific request coming to my Node Server and introduce Kerberos Authentication right there. Suppose if a request comes for /names/ ,I need to first Kerberos authenticate it and only if it authenticated successfully, I will…
Anas Raza Firdousi
  • 19
  • 1
  • 5
1
vote
1 answer

Domain authentication with Kerberos fails

My app is using Grails, Spring, Kerberos. applicationContext.xml
user2611714
  • 143
  • 2
  • 10
1
vote
1 answer

using keytab file with spring security kerberos extension

My goal: implement SSO on a java-based web application. My problem: I'm not a security guy... After some investigation I found that spring security kerberos extension is what I need (also looked into apache shiro but could only find example with a…
Lior Chaga
  • 1,424
  • 2
  • 21
  • 35
1
vote
0 answers

SSO with spring security kerberos/NTLM and fetch additional details from AD

I want user to be authenticated by using its windows login credentials without explicitly showing him login page. The user will just login to his machine and when we will try to open the url he will be authenticated by spring security using his…
sagar
  • 23
  • 1
  • 1
  • 4
1
vote
1 answer

What happens when the kerberos ticket expires?

I am using kerberos/spnego authentication with spring security to authenticate users from Active directory services, client is windows 7. I have a concern with the kerberos ticket renewal process. I understand the ticket is valid for 10 hrs, what…
java1977
  • 398
  • 4
  • 12
  • 25
1
vote
1 answer

Negotiate Header was invalid error with Spring Security Kerberos extension/IE, Firefox/AD

We are configuring Spring Security Kerberos extension in OWF 7 (Ozone Widget Framework) on JBoss AS 7.1.1. We see the following error: 23:01:44,172 WARN [org.springframework.security.extensions.kerberos.web.SpnegoAuthenticationProcessingFilter]…
iranichai
  • 363
  • 1
  • 6
  • 19
1
vote
2 answers

Spring Security, Kerberos extension and AD

I'm trying to use on my project a Kerberos authentication. It's for my company an internal service, and I want to authenticate the users, and retrieve from our Active Directory the groups of the users. For this, I'm using Spring Security, Kerberos…
Remi
  • 11
  • 1
  • 5
0
votes
0 answers

How to use DaoAuthenticationProvider as a fallback for SSO with Kerberos/Spnego

My backend is a Spring Boot application and on the frontend I am using Angular. I want to achieve the following authentication process: Use SSO with the Windows credentials using Kerberos/Spnego Some users are not included in LDAP and can't be…
Steve2Fish
  • 187
  • 4
  • 15
0
votes
0 answers

Spring Security Kerberos - using Authentication from session to make Kerberized calls on behalf of user

I'm trying to implement REST services over LDAP directory. Both have Kerberos-protected access. I already have working code (based on Security Server Spnego and Form Auth Sample sample), which login user and store autentication object in users…
Artur Satarov
  • 3
  • 2
0
votes
0 answers

Springboot kerberos authentication using KerberosRestTemplate giving 401 UnAuthorized error

I am trying to implement a solution to access restapi which requires kerberos authentication and I am told you use a keytab file and service principal for this. I wrote some code to access the API and can see the request is reaching the server but…
Shiv
  • 11
  • 4
0
votes
0 answers

Don't wotrk withCredentials: true in vue3 + axios+ spring-security

I try use vue3 + axios+ spring-security-kerberos-client and can't pass jsession cookies if i use last axios version, property withCredentials: true don't pass jsession cookies. I created config const app = axios.create({ baseURL, …
Mikhail Peraviortkin
  • 1
0
votes
0 answers

Spring WS-Security - Wss4jSecurityInterceptor not working as before after migration to SecurityFilterChain Configuration

We have a three fold Security Configuration for an WS-SOAP Endpoint (part of a WSTEP server implementation). It supports Kerberos, X509-Certificate and UsernameToken authentication. We had it configured using individual WebSecurityConfigurerAdapter…
Ruediger
  • 1
  • 1
0
votes
0 answers

Waffle Spring security library: Why "Kerberos" is missing in securityPackage protocol list of NegotiateSecurityFilterProvider

NTLM Authentication & User impersonation: We have the Java web application with Waffle-Spring Security-Windows SSO. Authentication is working fine. We want to run a batch script, consisting of SSH/SCP steps in the user context. This also works fine…
Chandru
  • 81
  • 1
  • 9
1 2 3 4
5
6 7 8