Specify a Data Encryption Standard (DES) key when creating a principal to be used by Java in the CyberSafe KDC. The Java reference implementation does not support Triple Data Encryption Standard (3DES) keys.
You can use 3DES keys if you are using CyberSafe GSSManager
with a CyberSafe KDC and have set the GSSMANAGER_CLASS
property.
CyberSafe Kerberos does not use a krb5.conf configuration file. By default, CyberSafe uses DNS records to locate KDC address mapping and realm information. Alternately, CyberSafe locates KDC address mapping and realm information in the krb.conf and krb.realms files, respectively. Refer to CyberSafe documentation for more information.
If you are using the standard Java GSSManager implementation, you must still create a krb5.conf file for use by Java. The CyberSafe krb.conf file is formatted differently from the krb5.conf file. Create a krb5.conf file as specified in the Sun manual pages or in the MIT documentation. You do not need a krb5.conf file if using the CyberSafe GSSManager.
For examples of the krb5.conf file, see white paper on setting up Kerberos. The URL for this document can be found in the jConnect for JDBC Release Bulletin.
When using CyberSafe client libraries on Solaris, make sure your library search path includes the CyberSafe libraries before any other Kerberos libraries.
