1. 首页
  2. 问答
  3. GSS JAAS无法读取密钥库/选项卡

GSS JAAS无法读取密钥库/选项卡

2016-04-22 64 views
1

我试图使用Kerberos连接到数据库,除了两个问题,一切正常。首先,当我执行我的代码时,我被问到两次输入密码的次数不是一次,而是两次。然后我的查询被发送到我的数据库并返回结果。GSS JAAS无法读取密钥库/选项卡

上述问题源于我相信根本原因,或者我遇到的第二个问题是,我JDK无法读取密钥表。

com.sun.security.jgss.initiate { 
    com.sun.security.auth.module.Krb5LoginModule required 
    useKeyTab=true 
    useTicketCache=true 
    principal="[email protected]" 
    useDefaultCcache=true 
}; 

com.sun.security.jgss.accept { 
    com.sun.security.auth.module.Krb5LoginModule required 
    ticketCache=true 
    storeKey=true; 
}; 

Apr 22, 2016 2:27:46 PM com.mongodb.diagnostics.logging.JULLogger log 
INFO: Cluster created with settings {hosts=[realm:27017], mode=MULTIPLE, requiredClusterType=UNKNOWN, serverSelectionTimeout='30000 ms', maxWaitQueueSize=500} 
Apr 22, 2016 2:27:46 PM com.mongodb.diagnostics.logging.JULLogger log 
INFO: Adding discovered server realm:27017 to client view of cluster 
Apr 22, 2016 2:27:46 PM com.mongodb.diagnostics.logging.JULLogger log 
INFO: No server chosen by ReadPreferenceServerSelector{readPreference=primary} from cluster description ClusterDescription{type=UNKNOWN, connectionMode=MULTIPLE, all=[ServerDescription{address=realm:27017, type=UNKNOWN, state=CONNECTING}]}. Waiting for 30000 ms before timing out 
Kerberos password for [email protected]: ****** 
Apr 22, 2016 2:27:52 PM com.mongodb.diagnostics.logging.JULLogger log 
INFO: Opened connection [connectionId{localValue:1, serverValue:1001}] to realm:27017 
Apr 22, 2016 2:27:52 PM com.mongodb.diagnostics.logging.JULLogger log 
INFO: Monitor thread successfully connected to server with description ServerDescription{address=realm:27017, type=STANDALONE, state=CONNECTED, ok=true, version=ServerVersion{versionList=[3, 2, 5]}, minWireVersion=0, maxWireVersion=4, maxDocumentSize=16777216, roundTripTimeNanos=128643970} 
Apr 22, 2016 2:27:52 PM com.mongodb.diagnostics.logging.JULLogger log 
INFO: Discovered cluster type of STANDALONE 
Kerberos password for [email protected]: ****** 
Apr 22, 2016 2:27:57 PM com.mongodb.diagnostics.logging.JULLogger log 
INFO: Opened connection [connectionId{localValue:2, serverValue:1002}] to realm:27017 
****output from mongo****

我明白,我没有禁用键盘输入,但是这是因为当你从输出见上我无法读取密钥表或高速缓存。

服务器和客户端都有匹配的krb5.conf,我能够kinit,ktadd,klist都希望校长拥有正确的enc类型。

我甚至去chmod 777 keytab只是为了确保这不是一个权限问题。

来源

2016-04-22 user316114

回答

1

这是一个权限问题,我无法阅读下的高速缓存文件/ tmp

来源

2016-04-22 20:25:55 user316114

+0

请注明您自己的答案在这种情况下被“接受”。 –

相关问题

 相关问题