| Ian Harding 2005-08-30, 7:01 pm |
| The application I am working on connects to one or more Windows 2003
domain controllers using LDAP to retrieve information from the directory.
I only require a single connection to be active at any one time, but
want a single instance of the application to work through the configured
connections in turn with no user intervention.
The application is required to use Kerberos authentication, so in order
to deal with different domain controllers and KDC hosts I am doing
something like this:
for each domain controller
{
    System.setProperty("java.security.krb5.realm", "<realm>");
    System.setProperty("java.security.krb5.kdc", "<kdc>");
    Login("<user name>", "<password>");
}
Where the Login method creates a custom callback handler to deal with
user name and password, creates a LoginContext from it, and logs in.
The problem I have is that whichever set of connection details is
presented, the first loop iteration successfully logs in. Second and
subsequent iterations fail with a LoginException containing
detailMessage = "null (68)" and stackTrace = null (thanks, that's so
useful!).
There don't seem to be any samples on the web demonstrating what I'm
trying to do. Everyone seems to assume that a single client instance
will only ever want to connect to one domain controller for the lifetime of
the application. I assume I'm doing something wrong, but can't work out
the correct way of doing it. Can anyone help?
Thank you
Ian
|