A working Key Distribution Center (KDC) is set up.A working Key Distribution Center (KDC) is set up.The KDC is configured as an LDAP directory, for authenticating incoming requests with Kerberos tickets.The Kerberos client is registered with the principal database of the KDC.The API that you want to access is registered with the KDC.A valid Kerberos configuration file is available.
To configure API Gateway to use Kerberos
, in the title bar, and select Administration. Field | Description |
Realm | Optional. The domain name of the Kerberos server, in uppercase letters. Note: A value specified for Realm overwrites the realm set in the KDC configuration file specified in Kerberos configuration file. |
Key distribution center | Optional. The host name of the machine on which the KDC resides. A value specified for Key distribution center overwrites the default key distribution center set in the KDC configuration file specified in Configuration file. |
Configuration file | The location of the Kerberos configuration file that contains the Kerberos configuration information, including the locations of KDCs, defaults for the realm and for Kerberos applications, and the host names and Kerberos realms mappings. |
Use subject credentials | Specifies whether API Gateway requires a Kerberos V5 Generic Security Services (GSS) mechanism to obtain the necessary credentials from an existing subject set up by the JAAS authentication module. Here, subject represents the user or service being authenticated in the JAAS login context. |