From 260e381a54d3d83224cb8bb1ed05303d2a10b2a3 Mon Sep 17 00:00:00 2001 From: levy Date: Tue, 22 Sep 2020 15:58:42 +0800 Subject: [PATCH] add config comments --- configuration/pegasus_jaas.conf | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/configuration/pegasus_jaas.conf b/configuration/pegasus_jaas.conf index a1becf90..3a49cd01 100644 --- a/configuration/pegasus_jaas.conf +++ b/configuration/pegasus_jaas.conf @@ -1,10 +1,22 @@ client { + // Krb5LoginModule authenticates users using Kerberos protocols. com.sun.security.auth.module.Krb5LoginModule required + + // config options in Krb5LoginModule: + // output debug message if debug is set to true debug=true + // Set this to true, if you want the TGT to be obtained from the ticket cache. + // Set this option to false if you do not want this module to use the ticket cache. (Default is False). useTicketCache=true + // Set this to true if you want the module to get the principal`s key from the the keytab. (Default value is False) useKeyTab=true + // Set this to the file name of the keytab to get principal`s secret key. keyTab="" + // Set this to true, if you want to renew the TGT. + // If this is set, useTicketCache must also be set to true. otherwise a configuration error will be returned. renewTGT=true + // The name of the principal that should be used. The principal can be a simple username such as "testuser" or a service name such as "host/testhost.eng.sun.com". principal="" + // Set this to true to if you want the keytab or the principal`s key to be stored in the Subject`s private credentials. storeKey=true; };