[
https://issues.jboss.org/browse/ISPN-4224?page=com.atlassian.jira.plugin....
]
Gustavo Fernandes commented on ISPN-4224:
-----------------------------------------
I have failures both in jdk1.7 and 1.8.
The test fails during authentication because the Kerberos server has no knowledge of the
"Realm" or "KDC" (at least in my environment)
From the embedded Apache Directory Server logs:
{code}
Caused by: javax.security.sasl.SaslException: Failure to initialize security context
[Caused by GSSException: Invalid name provided (Mechanism level: Cannot locate default
realm)]
at com.sun.security.sasl.gsskerb.GssKrb5Server.<init>(GssKrb5Server.java:113)
at com.sun.security.sasl.gsskerb.FactoryImpl.createSaslServer(FactoryImpl.java:85)
at javax.security.sasl.Sasl.createSaslServer(Sasl.java:509)
at
org.apache.directory.server.ldap.handlers.sasl.gssapi.GssapiMechanismHandler$1.run(GssapiMechanismHandler.java:78)
at
org.apache.directory.server.ldap.handlers.sasl.gssapi.GssapiMechanismHandler$1.run(GssapiMechanismHandler.java:75)
... 19 more
Caused by: GSSException: Invalid name provided (Mechanism level: Cannot locate default
realm)
at sun.security.jgss.krb5.Krb5NameElement.getInstance(Krb5NameElement.java:127)
at sun.security.jgss.krb5.Krb5MechFactory.getNameElement(Krb5MechFactory.java:95)
at sun.security.jgss.GSSManagerImpl.getNameElement(GSSManagerImpl.java:202)
at sun.security.jgss.GSSNameImpl.getElement(GSSNameImpl.java:472)
at sun.security.jgss.GSSNameImpl.init(GSSNameImpl.java:201)
at sun.security.jgss.GSSNameImpl.<init>(GSSNameImpl.java:170)
at sun.security.jgss.GSSManagerImpl.createName(GSSManagerImpl.java:137)
at com.sun.security.sasl.gsskerb.GssKrb5Server.<init>(GssKrb5Server.java:93)
... 23 more
{code}
I've created a pull request that solve the issue for me, please take a look if it
works for you in both 1.7 and 1.8
Kerberos auth IT fails on JDK8
------------------------------
Key: ISPN-4224
URL:
https://issues.jboss.org/browse/ISPN-4224
Project: Infinispan
Issue Type: Bug
Components: Test Suite - Core
Reporter: Vojtech Juranek
Assignee: Vojtech Juranek
[Kerberos auth integration
test|https://github.com/infinispan/infinispan/blob/master/integrationtest...]
passes on JDK7, but fails on JDK8 with
{noformat}
Caused by: javax.naming.NamingException: JBAS011843: Failed instantiate
InitialContextFactory com.sun.jndi.ldap.LdapCtxFactory from classloader ModuleClassLoader
for Module "deployment.b5efb5d4-0f0d-448f-b60f-e8bd15023ebd.war:main" from
Service Module Loader [Root exception is javax.naming.CommunicationException: Request: 1
cancelled]
at org.jboss.as.naming.InitialContext.getDefaultInitCtx(InitialContext.java:116)
at org.jboss.as.naming.InitialContext.init(InitialContext.java:99)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:153)
at org.jboss.as.naming.InitialContext.<init>(InitialContext.java:90)
at
org.jboss.as.naming.InitialContextFactory.getInitialContext(InitialContextFactory.java:44)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:307)
at javax.naming.InitialContext.init(InitialContext.java:242)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:153)
at
org.jboss.security.negotiation.AdvancedLdapLoginModule.constructLdapContext(AdvancedLdapLoginModule.java:431)
... 109 more
Caused by: javax.naming.CommunicationException: Request: 1 cancelled
at com.sun.jndi.ldap.LdapRequest.getReplyBer(LdapRequest.java:105)
at com.sun.jndi.ldap.Connection.readReply(Connection.java:449)
at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:364)
at com.sun.jndi.ldap.sasl.LdapSasl.saslBind(LdapSasl.java:126)
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:235)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2740)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:316)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:211)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84)
at org.jboss.as.naming.InitialContext.getDefaultInitCtx(InitialContext.java:114)
... 118 more
{noformat}
--
This message was sent by Atlassian JIRA
(v6.2.3#6260)