Configuring My webMethods Server for Kerberos Authentication
Use the following procedure to configure My webMethods Server for Kerberos authentication.
To configure
My webMethods Server for Kerberos authentication
1. Log in to My webMethods Server as Administrator and configure LDAP for the Active Directory configured for Kerberos authentication server or create client user accounts in My webMethods Server. Even the user account for the Windows server machine must be included in LDAP or My webMethods Server user accounts.
2. Edit and save the Software AG_directory \profiles\MWS_default\configuration\jaas.conf file to include the code below to the end of the file:
spnego-server{
com.sun.security.auth.module.Krb5LoginModule required
doNotPrompt=true
principal="HTTP/<FQDN_of_Active_Directory_Server>"
useKeyTab=true
keyTab="<Keytab_file_absolute_path>"
storeKey=true
isInitiator=false
debug=false;
};
3. Edit and save the Software AG_directory \profiles\MWS_default\configuration\custom_wrapper.conf file to include the properties mentioned below:
wrapper.java.additional.602=-Dsun.security.krb5.debug=false
wrapper.java.additional.603=-Djavax.security.auth.
useSubjectCredsOnly=false
4. Restart My webMethods Server.
5. Log in to My webMethods Server as system administrator.
6. Navigate to Configuration > KerberosAuthentication Administration and provide the appropriate values for the Realm (specify all the machines managed by KDC) and the KDC server.
8. Restart My webMethods Server.