Kerberos provides single sign-on (SSO) access to a back end that is integrated into the Kerberos realm. Another provider must authenticate clients before the Kerberos provider is called.
|Description||None||Differentiate between multiple instances of the same provider type; for example, when you have multiple authentication providers of the same type stacked in a security profile, and each targets a different repository.|
|kdc||None||The Key Distribution Center (KDC) identifier, in the format
Note SAP Mobile Platform uses the constrained-delegation feature of the Kerberos protocol.
|realm||None||The Kerberos realm to use for authenticating SAP Mobile Platform Server users to the KDC; must be capitalized, for example, MYREALM.MYCORP.COM.|
|cname||None||The user name in the KDC that is associated with
SAP Mobile Platform Server.
Note The service user must be granted permission to delegate to the application-endpoint service.
|key||None||The hexadecimal value of the key that is shared between the
SAP Mobile Platform service and the KDC.
To create a key:
|credential||spnego||The name of the credential that provides the Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) Kerberos token upon successful authentication.|
To validate your settings, click Test Settings. A message reports either success or failure; if validation fails, invalid settings are highlighted.