1. 首頁
  2. 問答
  3. GSS JAAS無法讀取密鑰庫/選項卡

GSS JAAS無法讀取密鑰庫/選項卡

2016-04-22 57 views
1

我試圖使用Kerberos連接到數據庫,除了兩個問題,一切正常。首先,當我執行我的代碼時,我被問到兩次輸入密碼的次數不是一次,而是兩次。然後我的查詢被髮送到我的數據庫並返回結果。GSS JAAS無法讀取密鑰庫/選項卡

上述問題源於我相信根本原因,或者我遇到的第二個問題是,我JDK無法讀取密鑰表。

com.sun.security.jgss.initiate { 
    com.sun.security.auth.module.Krb5LoginModule required 
    useKeyTab=true 
    useTicketCache=true 
    principal="[email protected]" 
    useDefaultCcache=true 
}; 

com.sun.security.jgss.accept { 
    com.sun.security.auth.module.Krb5LoginModule required 
    ticketCache=true 
    storeKey=true; 
}; 

Apr 22, 2016 2:27:46 PM com.mongodb.diagnostics.logging.JULLogger log 
INFO: Cluster created with settings {hosts=[realm:27017], mode=MULTIPLE, requiredClusterType=UNKNOWN, serverSelectionTimeout='30000 ms', maxWaitQueueSize=500} 
Apr 22, 2016 2:27:46 PM com.mongodb.diagnostics.logging.JULLogger log 
INFO: Adding discovered server realm:27017 to client view of cluster 
Apr 22, 2016 2:27:46 PM com.mongodb.diagnostics.logging.JULLogger log 
INFO: No server chosen by ReadPreferenceServerSelector{readPreference=primary} from cluster description ClusterDescription{type=UNKNOWN, connectionMode=MULTIPLE, all=[ServerDescription{address=realm:27017, type=UNKNOWN, state=CONNECTING}]}. Waiting for 30000 ms before timing out 
Kerberos password for [email protected]: ****** 
Apr 22, 2016 2:27:52 PM com.mongodb.diagnostics.logging.JULLogger log 
INFO: Opened connection [connectionId{localValue:1, serverValue:1001}] to realm:27017 
Apr 22, 2016 2:27:52 PM com.mongodb.diagnostics.logging.JULLogger log 
INFO: Monitor thread successfully connected to server with description ServerDescription{address=realm:27017, type=STANDALONE, state=CONNECTED, ok=true, version=ServerVersion{versionList=[3, 2, 5]}, minWireVersion=0, maxWireVersion=4, maxDocumentSize=16777216, roundTripTimeNanos=128643970} 
Apr 22, 2016 2:27:52 PM com.mongodb.diagnostics.logging.JULLogger log 
INFO: Discovered cluster type of STANDALONE 
Kerberos password for [email protected]: ****** 
Apr 22, 2016 2:27:57 PM com.mongodb.diagnostics.logging.JULLogger log 
INFO: Opened connection [connectionId{localValue:2, serverValue:1002}] to realm:27017 
****output from mongo****

我明白,我沒有禁用鍵盤輸入,但是這是因爲當你從輸出見上我無法讀取密鑰表或高速緩存。

服務器和客戶端都有匹配的krb5.conf,我能夠kinit,ktadd,klist都希望校長擁有正確的enc類型。

我甚至去chmod 777 keytab只是爲了確保這不是一個權限問題。

來源

2016-04-22 user316114

回答

1

這是一個權限問題,我無法閱讀下的高速緩存文件/ tmp

來源

2016-04-22 20:25:55 user316114

+0

請註明您自己的答案在這種情況下被「接受」。 –

相關問題

 相關問題