The main method accepts the user's command-line input for a ticket
request.
Usage: kinit [-A] [-f] [-p] [-c cachename] [[-k [-t keytab_file_name]]
[principal] [password]
- -A do not include addresses
- -f forwardable
- -p proxiable
- -c cache name (e.g., FILE://c:\temp\mykrb5cc)
- -k use keytab
- -t keytab file name
- principal the principal name (e.g., duke@java.sun.com)
- password the principal's Kerberos password
Use java sun.security.krb5.tools.Kinit -help to bring up the help menu.
Only a file-based credentials cache is currently supported for
storing the tickets obtained from the KDC.
By default, on all Unix platforms a cache file named
/tmp/krb5cc_<uid> is generated. The <uid> is the
numeric user identifier.
On all other platforms, a cache file named
<USER_HOME>/krb5cc_<USER_NAME> is generated.
<USER_HOME> is obtained from java.lang.System
property user.home.
<USER_NAME> is obtained from java.lang.System
property user.name.
If <USER_HOME> is null, the cache file is stored in
the current directory that the program is running from.
<USER_NAME> is the operating system's login username.
It could be different from the user's principal name.
For instance, on Windows NT, the cache file could be
c:\winnt\profiles\duke\krb5cc_duke, in
which duke is the <USER_NAME>, and c:\winnt\profiles\duke is the
<USER_HOME>.
A single user could have multiple principal names,
but a credentials cache can have only one primary principal,
which means one cache file can store tickets for only one
specific user principal. If the user switches
the principal name at the next Kinit, the cache file generated for the
new ticket overwrites the old cache file by default.
To avoid overwriting, you need to specify
a different cache file name when you request a
new ticket.
You can specify the location of the cache file by using the -c option.
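
The default-cache rules and the overwrite behaviour described above, as an added example (not JDK code). The class name, the per-principal naming scheme and the permission check are assumptions made for illustration; the numeric uid is passed in by the caller.

```java
import java.io.IOException;
import java.nio.file.*;
import java.nio.file.attribute.PosixFilePermission;

// Added example (not JDK code): follows the default-cache rules described above.
public class CcachePaths {
    // unixUid is supplied by the caller (assumption: e.g. from `id -u`);
    // null selects the non-Unix rule based on user.home and user.name.
    static Path defaultCache(Integer unixUid) {
        if (unixUid != null) return Paths.get("/tmp", "krb5cc_" + unixUid);
        String home = System.getProperty("user.home");
        String name = System.getProperty("user.name");
        // Null user.home: the cache goes in the current working directory.
        Path dir = (home != null) ? Paths.get(home) : Paths.get("").toAbsolutePath();
        return dir.resolve("krb5cc_" + name);
    }

    // Hypothetical naming scheme: one cache file per principal, so a kinit for
    // a second principal does not overwrite the first principal's tickets.
    static Path perPrincipalCache(Path base, String principal) {
        String safe = principal.replaceAll("[^A-Za-z0-9._-]", "_");
        return base.resolveSibling(base.getFileName() + "_" + safe);
    }

    // True if an existing cache file grants any access to group or others.
    static boolean exposedToOthers(Path cache) throws IOException {
        if (!Files.isRegularFile(cache)
                || !Files.getFileStore(cache).supportsFileAttributeView("posix")) {
            return false;
        }
        for (PosixFilePermission p : Files.getPosixFilePermissions(cache)) {
            if (!p.name().startsWith("OWNER_")) return true;
        }
        return false;
    }

    public static void main(String[] args) throws IOException {
        String principal = args.length > 0 ? args[0] : "duke@java.sun.com";
        Integer uid = args.length > 1 ? Integer.valueOf(args[1]) : null;
        Path def = defaultCache(uid);
        System.out.println("default cache:       " + def);
        System.out.println("cache to pass to -c: " + perPrincipalCache(def, principal));
        if (exposedToOthers(def)) {
            System.out.println("WARNING: " + def + " is accessible to group or others");
        }
    }
}
```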