Re: Does using Kerberos with Tomcat reduce my security?

Wendy Smoak Tue, 29 Aug 2006 12:20:52 -0700

On 8/29/06, David Smith <[EMAIL PROTECTED]> wrote:

I know this is a later response, but better late than never.


Strictly and technically speaking, your Kerberos JAAS realm is weakening
the the intense security offered by kerberos.


... and whatever you do, DO NOT turn the <realm> debug level up above
2 or JAASCallbackHandler will happily log Kerberos passwords in plain
text.

--
Wendy
http://wiki.wsmoak.net/cgi-bin/wiki.pl?TomcatJAASRealm

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Does using Kerberos with Tomcat reduce my security?

Reply via email to