Search
SupportConsoleDevelopersStart a trialContact

4.2. Adding the Properties to the System Properties

download PDF
To make the properties permanent and have an application server start always with the SPNEGO mechanism, define the properties in the $JBOSS_HOME/server/$PROFILE/deploy/properties-service.xml descriptor. Make sure the properties are loaded before the first authentication attempt (JBoss does not allow any incoming HTTP connections before the server has started up fully).
Open the descriptor and add the following attribute to the jboss:type=Service,name=SystemProperties MBean: 
<attribute name="Properties">
 java.security.krb5.kdc=kerberos.security.jboss.org
 java.security.krb5.realm=KERBEROS.JBOSS.ORG
</attribute>

4.2.1. Multiple KDCs

If you are using one or more slave KDCs in addition to your master KDC, list the KDCs in a colon-separated list after the java.security.krb5.kdc system property. The system will use the provided alternative KDC if the master KDC is not available.

Example 4.1. Running a server with multiple KDCs

./run.sh -Djava.security.krb5.realm=KERBEROS.JBOSS.ORG:SLAVE_KDC.JBOSS.ORG -Djava.security.krb5.kdc=kerberos.security.jboss.org
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.