Red Hat Summit이 콘텐츠는 선택한 언어로 제공되지 않습니다.
Chapter 6. Configuring FreeIPA
Before you configure FreeIPA to use JBoss Negotiation, make sure you have FreeIPA installed and configured correctly, and the clients are able to obtain Kerberos tickets. Detailed FreeIPA documentation is available on http://www.freeipa.org/.
Warning
Due to the supported encryption types of FreeIPA, the JBoss application server must run on a Java 6 JVM with unlimited cryptography enabled.
To configure FreeIPA to authenticate users through JBoss Negotiation you need to do the following:
- Create a service principal for the server and add the HTTP service to it. The server user acts as a connection between FreeIPA and the JBoss web server.
- Generate a keytab file for the server user and export it to the application server. The application server uses the keytab to authenticate to KDC in FreeIPA.
Note
These instructions apply to FreeIPA 1.1.
6.1. Creating Service Principal
링크 복사링크가 클립보드에 복사되었습니다!
You need to create the service principal, which represents the HTTP service of your JBoss Application Server to allow the clients to request the ticket for this service.
Note
Full information on service principal creation is available on http://freeipa.org/page/AdministratorsGuide#Managing_Service_Principals.
- The simplest way to create a service principal is through the FreeIPA WebUI: access the tool as an administrator.
- Click the
Add Service Principallink.Figure 6.1. Adding Service Principal
- Set the hostname to the host name of your server (
test_server.jboss.org) and the service type toHTTP, and click .Figure 6.2. View Service Principal
Note
Creating the service principal requires the host name to be mapped with DNS. If this procedure fails, on the command line, issue the following command to create the principal:ipa-addservice HTTP/test_server.jboss.org@JBOSS.ORG --force
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}