Has anyone tried to use this client with a Kerberos enabled mid range system (eg AS400?) and has any pointers or material on how this could be accomplished? Coincidently IBM's new Java based Client Access tool (iAccessClient also has this option - http://www-03.ibm.com/systems/power/software/i/access/solutions.html).
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Thanks vale, I was able to implement this successfully.
The RFC (http://tools.ietf.org/html/rfc4777#page-18) shows the negotiations required to establish the session with a Kerberos ticket.
You must escape kerberos ticket, i.e. the IAC command by doubling up the hex string (0xFF) and also escape the VAR, VALUE, ESC and USERVAR hex strings (0, 1, 2, 3) by prefixing with the hex string (0x02).
In terms of acquiring the kerberos ticket I used the JNA library (https://github.com/twall/jna) though it is possible to use a 'pure' java implementation.
Wireshark was also an invaluable tool to inspect the telnet negotiations.
Hope this helps anyone trying to achieve this too.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Would you consider sharing your code? I will need to use Kerberos in a project I am working on. I think it will help others as well if you put this in the code base.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Has anyone tried to use this client with a Kerberos enabled mid range system (eg AS400?) and has any pointers or material on how this could be accomplished? Coincidently IBM's new Java based Client Access tool (iAccessClient also has this option - http://www-03.ibm.com/systems/power/software/i/access/solutions.html).
Kerberos authentication is not implemented, but since, as far as I know, it is supported by java itself I cannot exclude that someone has done it.
Thanks vale, I was able to implement this successfully.
The RFC (http://tools.ietf.org/html/rfc4777#page-18) shows the negotiations required to establish the session with a Kerberos ticket.
You must escape kerberos ticket, i.e. the IAC command by doubling up the hex string (0xFF) and also escape the VAR, VALUE, ESC and USERVAR hex strings (0, 1, 2, 3) by prefixing with the hex string (0x02).
In terms of acquiring the kerberos ticket I used the JNA library (https://github.com/twall/jna) though it is possible to use a 'pure' java implementation.
Wireshark was also an invaluable tool to inspect the telnet negotiations.
Hope this helps anyone trying to achieve this too.
Would you consider sharing your code? I will need to use Kerberos in a project I am working on. I think it will help others as well if you put this in the code base.
Well done !
Let me know if you want to include your solution in the xtn5250 distribution.
Thank you