Configuring J2EE Engine Properties

Use

Use this topic to configure the J2EE Engine properties that are necessary to use Kerberos authentication.

Prerequisites

·        You have imported the keytab file to the J2EE Engine host system.

·        You have created the Kerberos configuration file on the J2EE Engine host system.

·        The J2EE Engine can access the Kerberos keytab and configuration file. For more information, see Importing Kerberos Configuration Files to the J2EE Engine.

Procedure

       1.      Using the Config Tool of the J2EE Engine, navigate to cluster-data ® instance_ID<XXXXX> ® server_ID<XXXXX>

       2.      From the General tab, add the following Java Parameters:

¡        Djavax.security.auth.useSubjectCredsOnly=false

¡        Djava.security.krb5.conf=<krb5.conf_with_complete_path>

       3.      Depending on the JDK you are using, also add the following Java Parameters:

...

                            a.      For SUN JDK:

§         Dsun.security.krb5.debug=true

                            b.      For IBM JDK:

§         Dcom.ibm.security.jgss.debug=all

§         Dcom.ibm.security.krb5.Krb5Debug=all

       4.      Restart the J2EE Engine.

       5.      Repeat steps 1-4 on each of the J2EE Engine instances that use Kerberos authentication.

 

See also:

Kerberos Key Distribution Center Configuration

Configuring Cluster Elements

Config Tool