[gatein-dev] Gatein SPNGEO SSO error: decryption key is of type NULL

Hi all, I am trying to config SPNEGO SSO for gatein 3.7 jboss packaging, i did following the guideline at https://docs.jboss.org/author/display/GTNPORTAL37/SPNEGO - After installed Kerberos, the general authentication seems to work, i logged in with root successfully, the result: exo@exo:~$ kinit -A root Password for root(a)local.network: exo@exo:~$ klist Ticket cache: FILE:/tmp/krb5cc_1000 Default principal: root(a)local.network Valid starting Expires Service principal 24/04/2014 10:54:41 24/04/2014 20:54:41 krbtgt/local.network(a)local.network renew until 25/04/2014 10:54:36 - Then i configured firefox and gatein as guideline, but when i access to gatein and click to login, the authentication is failed and i see error in console: 10:09:30,648 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http-server.local.network-192.168.56.101-8080-1) Login failure: javax.security.auth.login.LoginException: Unable to authenticate - Failure unspecified at GSS-API level (Mechanism level: EncryptedData is encrypted using keytype DES3 CBC mode with SHA1-KD but decryption key is of type NULL) at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:163) [jboss-negotiation-spnego-2.2.0.SP1.jar:2.2.0.SP1] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_21] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_21] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_21] at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_21] at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784) [rt.jar:1.7.0_21] at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) [rt.jar:1.7.0_21] at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698) [rt.jar:1.7.0_21] at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696) [rt.jar:1.7.0_21] at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_21] at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695) [rt.jar:1.7.0_21] at javax.security.auth.login.LoginContext.login(LoginContext.java:594) [rt.jar:1.7.0_21] at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final] at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final] at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final] at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final] at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:214) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final] at org.jboss.security.negotiation.NegotiationAuthenticator.authenticate(NegotiationAuthenticator.java:187) [jboss-negotiation-common-2.2.0.SP1.jar:2.2.0.SP1] at org.gatein.sso.spnego.GateInNegotiationAuthenticator.authenticate(GateInNegotiationAuthenticator.java:56) [spnego-1.4.0.Final.jar:1.4.0.Final] at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:455) [jbossweb-7.0.13.Final.jar:] at org.gatein.sso.integration.SSODelegateValve.invoke(SSODelegateValve.java:155) [sso-integration-1.4.0.Final.jar:1.4.0.Final] at org.gatein.portal.security.jboss.PortalClusteredSSOSupportValve.invoke(PortalClusteredSSOSupportValve.java:94) [exo.portal.component.web.security-jboss-3.7.1.Final-SNAPSHOT.jar:3.7.1.Final-SNAPSHOT] at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:] at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:] at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:] at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:] at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_21] I tried to find solution with google and it has some topic in jboss forum https://community.jboss.org/thread/204614 and https://community.jboss.org/thread/204876?tstart=0, they recommend i used java 7, but when i switch to java 7 (jdk 1.7.0_21) i still see the same error. I'm deploying gatein on ubuntu 13.04 and java 7 (jdk 1.7.0_21) Is there any idea for fixing my problem? Thanks! TuyenNT.