The default “authenticator” in either LdapV3-compatible user service as copied from the ldap palette. Properties include the Kerberos realm name, key distribution center URL, station (service) name previously defined, and path to locally-stored keytab file or password for the service. Kerberos is a “ticket” based client-server “mutual authentication” method using symmetric key cryptography. NiagaraAX station host configuration is more involved than for simple authentication, and system users must also configure client PCs (Workbench and/or client web browsers) with Kerberos-specific settings.

Kerberos is not supported on a “J9 Java VM” (JACE-2/4/5) series platform. On a station running on this platform, use the SimpleAuthenticator in place of the KerberosAuthenticator.

For related details, see the following: