This MuleSoft project details how to acheive Kerberos authentication in both HTTP requests and Database interactions. This solution works on both Linux and Cloudhub deployments.
Location: src/main/resources/kerberos-configurations Description: Generic file that is used in the Kerberos Authentication file. No changes needed to incorporate into project
Location: src/main/resources/kerberos-configurations Description: Kerberos authentication file that will need to be filled out by user. All properties contained in ${} will need to be updated with the relevant domain details. The secondary realm is not required and can be deleted.
Location: src/main/java/com.newrez.kerberos Description: Java class that will facilitate the HTTP authentication and request using Kerberos. You can call this class with the invoke static connector found in the project
Description: JVM arguments needed to access the conf files at project deployment time.
- -Djava.security.auth.login.config=/login.conf
- -Djava.security.krb5.conf=/krb5.conf
Required connection properties:
- integratedSecurity=true
- authenticationSchema=JavaKerberos
Only the krb5.conf and login.conf are required for the database connection and not the Java class
To make an HTTP request, you can use the invoke static connector and call the Java class com.newrez.kerberos.KerberosHttpURLConnection. The parameters to pass into this request to form the HTTP request are:
- context
- username
- password
- url
- method
- body
- properties