The Kerberos Realm used to authenticate the user.
Data Type
string
Default Value
""
Remarks
The Kerberos properties are used when using SPNEGO or Windows Authentication. The Kerberos Realm is
used to authenticate the user with the Kerberos Key Distribution Service (KDC). The Kerberos Realm
can be configured by an administrator to be any string, but conventionally it is based on the domain
name.
If Kerberos Realm is not specified, the adapter will attempt to detect these properties
automatically from the following locations:
- KRB5 Config File (krb5.ini/krb5.conf): If the KRB5_CONFIG environment variable is set and
the file exists, the adapter will obtain the default realm from the specified file. Otherwise, it
will attempt to read from the default MIT location based on the OS:
C:\ProgramData\MIT\Kerberos5\krb5.ini (Windows) or /etc/krb5.conf (Linux)
- Java System Properties: Using the system properties java.security.krb5.realm
and java.security.krb5.kdc.
- Domain Name and Host: If the Kerberos Realm and Kerberos KDC could not be inferred from
another location, the adapter will infer them from the user-configured domain name and host. This
might work in some Windows environments.
Note: Kerberos-based authentication is supported in JRE 1.6 and above only.