Yo soy la implementación de la Autenticación kerberos en mi existentes de java primavera de la aplicación.Mi unix equipo me ha proporcionado SPN, krb5.conf y archivo keytab. Estoy tratando duro con el siguiente código y la configuración, pero conseguir que no se puede obtener la contraseña de usuario de excepción como el que se adjunta en los registros a continuación.

Puede que alguien me corrija Si estoy haciendo algo mal o qué podría ir mal? Déjeme saber si usted necesita más información sobre esto.
Sería bueno si alguien puede decir, de cómo comprobar si la configuración de kerberos es correcto o no?

Aquí es lo que he intentado. Yo estoy usando:

  • JDK 1.6
  • spring-security-kerberos-core-1.0.0.M2.jar
  • spring-security-core-3.0.1.RELEASE.jar
  • spring-security-config-3.0.1.RELEASE.jar
  • spring-security-web-3.0.1.RELEASE.jar

Mi security-config.xml es:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:beans="http://www.springframework.org/schema/beans"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<beans:bean class="com.ci.util.TrimmingPropertyPlaceholderConfigurer">
<beans:property name="searchSystemEnvironment" value="true" />
<beans:property name="locations">
<beans:list>
<beans:value>file:${install.home}/config/application.properties
</beans:value>
<beans:value>file:${install.home}/config/environment.properties
</beans:value>
</beans:list>
</beans:property>
</beans:bean>
<http entry-point-ref="spnegoEntryPoint" auto-config="false">
<intercept-url pattern="/selectBlacklisting*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/j_spring_security_check*" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/**" access="IS_AUTHENTICATED_FULLY" />
<custom-filter ref="spnegoAuthenticationProcessingFilter" position="BASIC_AUTH_FILTER" />
<form-login login-page="/selectBlacklisting.form" default-target-url="/" always-use-default-target="true"/>
</http>
<authentication-manager alias="authenticationManager">
<authentication-provider ref="kerberosServiceAuthenticationProvider" />
<authentication-provider ref="kerberosAuthenticationProvider"/>
</authentication-manager>
<beans:bean id="spnegoEntryPoint"
class="org.springframework.security.extensions.kerberos.web.SpnegoEntryPoint" />
<beans:bean id="spnegoAuthenticationProcessingFilter"
class="org.springframework.security.extensions.kerberos.web.SpnegoAuthenticationProcessingFilter">
<beans:property name="authenticationManager" ref="authenticationManager" />
</beans:bean>
<beans:bean id="kerberosServiceAuthenticationProvider"
class="org.springframework.security.extensions.kerberos.KerberosServiceAuthenticationProvider">
<beans:property name="ticketValidator">
<beans:bean
class="org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator">
<beans:property name="servicePrincipal" value="${servicePrincipal.url}"/>
<beans:property name="keyTabLocation" value="${keyTabLocation.url}" />
<beans:property name="debug" value="true"/>
</beans:bean>
</beans:property>
<beans:property name="userDetailsService" ref="dummyUserDetailsService" />
</beans:bean>
<beans:bean id="kerberosAuthenticationProvider" class="org.springframework.security.extensions.kerberos.KerberosAuthenticationProvider">
<beans:property name="kerberosClient">
<beans:bean class="org.springframework.security.extensions.kerberos.SunJaasKerberosClient">
<beans:property name="debug" value="true" />
</beans:bean>
</beans:property>
<beans:property name="userDetailsService" ref="dummyUserDetailsService" />
</beans:bean>
<beans:bean class="org.springframework.security.extensions.kerberos.GlobalSunJaasKerberosConfig">
<beans:property name="debug" value="true" />
<beans:property name="krbConfLocation" value="${krbConfLocation.url}" />
</beans:bean>
<beans:bean id="dummyUserDetailsService" class="com.ci.manager.interceptor.DummyUserDetailService"/>
</beans:beans>

Propiedades de los valores utilizados en el anterior security-config.xml:

servicePrincipal.url=HTTP/xyzcard-sit1.systems.private@SYSTEMS.PRIVATE  
keyTabLocation.url=file:/MY_APP_ITE3/appmanager/50.T0.17/config/xyzcard-sit1.keytab
krbConfLocation.url=/etc/krb5/krb5.conf

Mi DummyUserDetailService:

public class DummyUserDetailService implements UserDetailsService {
private static final Logger LOGGER = Logger.getLogger(DummyUserDetailService.class);
public DummyUserDetailService(){
LOGGER.info("DummyUserDetailService constructor called>>>>>>>>>");
}
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
LOGGER.info("loadUserByUsername method called>>>>>>>>>"+username);
LOGGER.info("loadUserByUsername method called>AuthorityUtils.createAuthorityList>>>>>>>>"+AuthorityUtils.createAuthorityList("ROLE_USER"));
return new User(username, "notUsed",true, true, true, true, AuthorityUtils.createAuthorityList("ROLE_USER"));
}
}

Mi web.xml es:

    <web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<display-name>Customer Intelligence Management Tool</display-name>
<distributable/>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>
org.springframework.web.filter.DelegatingFilterProxy
</filter-class>    
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/security-config.xml</param-value>
</context-param>     
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener> 
<servlet>
<servlet-name>app-manager</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext.xml,
/WEB-INF/app-manager-servlet.xml
</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>app-manager</servlet-name>
<url-pattern>*.form</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>15</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>/WEB-INF/jsp/index.jsp</welcome-file>
</welcome-file-list>
<error-page>
<error-code>500</error-code>
<location>/WEB-INF/jsp/Error.jsp</location>
</error-page>
<error-page>
<error-code>404</error-code>
<location>/WEB-INF/jsp/FileNotFound.jsp</location>
</error-page>
</web-app>

Registros de aplicación mostrando excepción:

  015-04-20 13:07:42 ERROR  org.springframework.web.context.ContextLoader[ContextLoader.java:219(initWebApplicationContext)] - Context initialization failed
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authentication.ProviderManager#0': Cannot create inner bean '(inner bean)' of type [org.springframework.security.config.authentication.AuthenticationManagerFactoryBean] while setting bean property 'parent'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)': FactoryBean threw exception on object creation; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Cannot resolve reference to bean 'kerberosServiceAuthenticationProvider' while setting bean property 'providers' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'kerberosServiceAuthenticationProvider' defined in ServletContext resource [/WEB-INF/security-config.xml]: Cannot create inner bean 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' of type [org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator] while setting bean property 'ticketValidator'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:281)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:125)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1308)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1067)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:511)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:450)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:290)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:287)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:189)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:562)
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:871)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:423)
at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:272)
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:196)
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3764)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:4216)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544)
at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:825)
at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:714)
at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:490)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138)
at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:736)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
at org.apache.catalina.core.StandardService.start(StandardService.java:448)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)': FactoryBean threw exception on object creation; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Cannot resolve reference to bean 'kerberosServiceAuthenticationProvider' while setting bean property 'providers' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'kerberosServiceAuthenticationProvider' defined in ServletContext resource [/WEB-INF/security-config.xml]: Cannot create inner bean 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' of type [org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator] while setting bean property 'ticketValidator'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user
at org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:150)
at org.springframework.beans.factory.support.FactoryBeanRegistrySupport.getObjectFromFactoryBean(FactoryBeanRegistrySupport.java:109)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:274)
... 39 more
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Cannot resolve reference to bean 'kerberosServiceAuthenticationProvider' while setting bean property 'providers' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'kerberosServiceAuthenticationProvider' defined in ServletContext resource [/WEB-INF/security-config.xml]: Cannot create inner bean 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' of type [org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator] while setting bean property 'ticketValidator'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:328)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:355)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:153)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1308)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1067)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:511)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:450)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:290)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:287)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:189)
at org.springframework.security.config.authentication.AuthenticationManagerFactoryBean.getObject(AuthenticationManagerFactoryBean.java:27)
at org.springframework.security.config.authentication.AuthenticationManagerFactoryBean.getObject(AuthenticationManagerFactoryBean.java:20)
at org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:143)
... 41 more
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'kerberosServiceAuthenticationProvider' defined in ServletContext resource [/WEB-INF/security-config.xml]: Cannot create inner bean 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' of type [org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator] while setting bean property 'ticketValidator'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:281)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:120)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1308)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1067)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:511)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:450)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:290)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:287)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:189)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)
... 55 more
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1403)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:513)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:450)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:270)
... 65 more
Caused by: javax.security.auth.login.LoginException: Unable to obtain password from user
at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:789)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:654)
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:542)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$5.run(LoginContext.java:706)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeCreatorPriv(LoginContext.java:703)
at javax.security.auth.login.LoginContext.login(LoginContext.java:575)
at org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator.afterPropertiesSet(SunJaasKerberosTicketValidator.java:125)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1460)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1400)
... 68 more

Registros Del Servidor:

Apr 22, 2015 8:29:38 AM org.apache.catalina.loader.WebappClassLoader validateJarFile
INFO: validateJarFile(/MY_APP_ITE3/appmanager/50.T0.17/catalina_base/work/Catalina/localhost/app-manager/WEB-INF/lib/j2ee-1.4.jar) - jar not loaded. See Servlet Spec 2.3, section 9.7.2. Offending class: javax/servlet/Servlet.class
Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt true ticketCache is null isInitiator false KeyTab is file:/MY_APP_ITE3/appmanager/50.T0.17/catalina_base/conf/xyzcard-sit1.keytab refreshKrb5Config is false principal is HTTP/xyzcard-sit1.systems.private@SYSTEMS.PRIVATE tryFirstPass is false useFirstPass is false storePass is false clearPass is false
>>> KeyTabInputStream, readName(): SYSTEMS.PRIVATE
>>> KeyTabInputStream, readName(): HTTP
>>> KeyTabInputStream, readName(): srv-xyzcard-sit1.systems.private
>>> KeyTab: load() entry length: 88; type: 23
Key for the principal HTTP/xyzcard-sit1.systems.private@SYSTEMS.PRIVATE not available in file:/MY_APP_ITE3/appmanager/50.T0.17/catalina_base/conf/xyzcard-sit1.keytab
[Krb5LoginModule] authentication failed 
Unable to obtain password from user
Apr 22, 2015 8:29:52 AM org.apache.catalina.core.StandardContext start
  • Creo que la pregunta es vale la pena responder . Por qué no contesta? 🙂
  • Hay muy pocas personas que la respuesta de kerberos preguntas y ninguno de ellos parece saber Java Primavera. Preguntas sobre este tema vienen muy a menudo en la kerberos etiqueta y casi nunca son contestadas. Mi conjetura es que es un DNS/krb5.conf archivo de problema, el servidor está buscando un director en el keytab que no existe.
InformationsquelleAutor codelearner | 2015-04-24

2 Comentarios

  1. 4

    Esto puede ser debido a los valores de la propiedad no se ha resuelto sobre la seguridad-config. Puede que el disco duro código siguiente y probar de nuevo?

       <beans:property name="servicePrincipal" value="HTTP/[email protected]"/>
    <beans:property name="keyTabLocation" value="file:YOUR KEY TAB LOCATION >>/mykey.keytabl" />

    Su error ha tirado de javax.de seguridad.auth.de inicio de sesión.LoginContext método init, así que debe ser algo acerca del archivo keytab o principio de servicio no está configurado correctamente.

    • Puedo ver tu respuesta es correcta.
  2. 1

    Gracias por responder. He resuelto el problema, el problema era mi keytab. Mi archivo de clave no contiene SPN que yo estaba buscando. Fue generado con mal SPN. He probado con algún pardillo Spn y se encontró que estaba recibiendo misma excepción, a continuación, preguntó equipo para validar o generar nueva clave.

Dejar respuesta

Please enter your comment!
Please enter your name here