HR server is not able to connect to KDC server ---------------------------------------------- Key: ISPN-4397 URL: https://issues.redhat.com/browse/ISPN-4397 Project: Infinispan Issue Type: Bug Components: Server Reporter: Vojtech Juranek Assignee: Tristan Tarrant Priority: Major After upgrade to WildFly 8.1 (commit [2eb84c2824d82530e508b2063409b1d22225772d|https://github.com/infinispan/in...]), HotRod server endpoint is not able to connect to KDC server (when kerberos sasl server-context-name name is specified) and startup teh the HR server fails with {noformat} Caused by: javax.security.auth.login.LoginException: Cannot locate KDC at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:763) [rt.jar:1.7.0_45] at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:584) [rt.jar:1.7.0_45] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_45] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_45] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_45] at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_45] at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784) [rt.jar:1.7.0_45] at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) [rt.jar:1.7.0_45] at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698) [rt.jar:1.7.0_45] at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696) [rt.jar:1.7.0_45] at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_45] at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695) [rt.jar:1.7.0_45] at javax.security.auth.login.LoginContext.login(LoginContext.java:594) [rt.jar:1.7.0_45] at org.infinispan.server.endpoint.subsystem.ProtocolServerService.getServerSubject(ProtocolServerService.java:235) at org.infinispan.server.endpoint.subsystem.ProtocolServerService.start(ProtocolServerService.java:126) ... 5 more Caused by: KrbException: Cannot locate KDC at sun.security.krb5.Config.getKDCList(Config.java:1236) [rt.jar:1.7.0_45] at sun.security.krb5.KdcComm.send(KdcComm.java:210) [rt.jar:1.7.0_45] at sun.security.krb5.KdcComm.send(KdcComm.java:191) [rt.jar:1.7.0_45] at sun.security.krb5.KrbAsReqBuilder.send(KrbAsReqBuilder.java:319) [rt.jar:1.7.0_45] at sun.security.krb5.KrbAsReqBuilder.action(KrbAsReqBuilder.java:364) [rt.jar:1.7.0_45] at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:735) [rt.jar:1.7.0_45] ... 19 more Caused by: KrbException: Generic error (description in e-text) (60) - Unable to locate KDC for realm INFINISPAN.ORG at sun.security.krb5.Config.getKDCFromDNS(Config.java:1333) [rt.jar:1.7.0_45] at sun.security.krb5.Config.getKDCList(Config.java:1209) [rt.jar:1.7.0_45] ... 24 more {noformat} In this case KDC run on port 6088 and it's very likely (more in-depth investigation is needed), that krb client used by server ignores path to krb setup (env. var {{java.security.krb5.conf}}) and tried to connect to port 88. This seems to be a bug in WildFly 8.1.