1#!/bin/csh -f 2# 3# BEFORE running this test, you need to set up the environment as follows. 4# 1. Create a 'sample' service principal in the KDC. 5# 2. Create a keytab for the server principal 'sample/fqdn@REALM' 6# where 'fqdn' is the fully qualified domain name of the server and 7# REALM is the KDC's realm. The principal must be a host-based service. 8# For example, a principal name might be 9# 'sample/machineX.imc.org@IMC.ORG'. 10# On Windows, for example, you use the ktpass utility to create a host keytab 11# file. 12# c:> ktpass -princ sample/machineX.imc.org@IMC.ORG -mapuser sample \ 13# -ptype KRB5_NT_SRV_HST \ 14# -pass servertest123 -out machineX.keytab 15# 3. Create a user principal in the KDC. 16# 4. Set up a JAAS login module configuration file like gsseg_jaas.conf, updating 17# the client and server entries according to the principal and machine names 18# used. 19# 5. Update AuthOnly.SERVER_FQDN with fqdn of server machine. 20# 6. To examine exchange, turn on logging by adding 21# -Djava.util.logging.config.file=log.properties 22# 7. Update the realm and kdc settings in this script. 23# 24java -Djava.security.krb5.realm=IMC.ORG -Djava.security.krb5.kdc=machineX.imc.org -Djava.security.auth.login.config=gsseg_jaas.conf NoSecurityLayer 25