I think JBOSS will be better if there is a comprehensive documentation on the Kerberos setup. From A-Z.... I've been working on this for couple of days and must tell you it is not a picnic. The hardest part in my case is to get the linux box to get connected to the KDC. I've got that done and now am stuck on the SPNEGO piece.
I'll be happy to contribute if anyone helps resolve the issue.
Do you have any idea what Mechanis Level: Checksum failed means?
13:14:57,898 ERROR [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] (http-0.0.0.0-0.0.0.0-8082-1) Unable to authenticate: GSSException: F
ailure unspecified at GSS-API level (Mechanism level: Checksum failed)
at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:741) [:1.6.0_10]
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:323) [:1.6.0_10]
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:267) [:1.6.0_10]
at org.jboss.security.negotiation.spnego.SPNEGOLoginModule$AcceptSecContext.run(SPNEGOLoginModule.java:396) [jboss-negotiation-2.2.0.Beta3
.jar:2.2.0.Beta3]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_10]
at javax.security.auth.Subject.doAs(Subject.java:337) [:1.6.0_10]
at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.spnegoLogin(SPNEGOLoginModule.java:237) [jboss-negotiation-2.2.0.Beta3.jar:2.2.
0.Beta3]
at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.innerLogin(SPNEGOLoginModule.java:194) [jboss-negotiation-2.2.0.Beta3.jar:2.2.0
.Beta3]
at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:137) [jboss-negotiation-2.2.0.Beta3.jar:2.2.0.Beta
3]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_10]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_10]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_10]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_10]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) [:1.6.0_10]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_10]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_10]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_10]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_10]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_10]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411) [picketbox-i
nfinispan-4.0.1.jar:4.0.1]