Kerberos Module
The Kerberos module is called the KerberosSTSModule.
Validates Kerberos security tokens with a token type of http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#GSS_Kerberosv5_AP_REQ.
- Supported mode
- Validate
- Configuration properties
- Validate mode
- Kerberos keytab file
- Specify one of the available imported Kerberos service keytab file for the Kerberos service identified by the Kerberos security token. Follow the steps below to import a keytab file:
- Select Federation > Global Keys > Kerberos Keytab file.
- Click Import to upload a keytab file.
This field is required.
- Service principal name for the Kerberos
- Principal name of the Kerberos service in the form of <service name>/<fully qualified hostname>@<realmname>. For example, HTTP/WIN-JCCFTF7M7EI.kerb.com@KERB.COM.
This field is required.
To overwrite the default Kerberos configuration information, navigate to Web > Kerberos Configuration > Defaults.
- Kerberos Keytab File
Use the Keyfiles tab on the Kerberos Configuration management page in the LMI to manage these settings.
Parent topic: Supported module types