Kerberos Cached Ticket

Ibrahim picture Ibrahim · Nov 7, 2011 · Viewed 9.3k times · Source

I am on windows 7 (64-bit) and I have created a simple app to count files in the run method of a class that implements PrivilegedAction. following is my jaas.conf file:

CountFiles {
    com.sun.security.auth.module.Krb5LoginModule required 
    useTicketCache=true
    debug=true;
};

I am getting the following message.

Debug is  true storeKey false useTicketCache true useKeyTab false doNotPrompt false ticketCache is null isInitiator true KeyTab is null refreshKrb5Config is false principal is null tryFirstPass is false useFirstPass is false storePass is false clearPass is false
Acquire TGT from Cache
Credentials are no longer valid
Principal is null
null credentials from Ticket Cache

and the program throws LoginException after that, however if I execute the kinit.exe on windows command line then it is able to give me the count.

I have also setup the following registry value to 1:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\Parameters
Value Name: AllowTGTSessionKey
Value Type: REG_DWORD
Value: 1

Can you please tell how to access the kerberos tickets cached on the system?

Thank you.

Answer

Ibrahim picture Ibrahim · Nov 8, 2011

I found the answer to my question by deleting krb5cc* file in a folder with my user name under C:\Users. The file was created by kinit.exe.