[jboss-dev-forums] [JBoss AS 7 Development] - Re: Configure AS7 to authenticate users with kerberos

Antoan Nikolaev do-not-reply at jboss.com
Wed Jan 4 16:48:44 EST 2012 

Antoan Nikolaev [http://community.jboss.org/people/anikolaev71] created the discussion

"Re: Configure AS7 to authenticate users with kerberos"

To view the discussion, visit: http://community.jboss.org/message/644709#644709

--------------------------------------------------------------
I think JBOSS will be better if there is a comprehensive documentation on the Kerberos setup. From A-Z.... I've been working on this for couple of days and must tell you it is not a picnic. The hardest part in my case is to get the linux box to get connected to the KDC. I've got that done and now am stuck on the SPNEGO piece. 

I'll be happy to contribute if anyone helps resolve the issue.

Do you have any idea what Mechanis Level: Checksum failed means?

13:14:57,898 ERROR [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] (http-0.0.0.0-0.0.0.0-8082-1) Unable to authenticate: GSSException: F
ailure unspecified at GSS-API level (Mechanism level: Checksum failed)
        at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:741) [:1.6.0_10]
        at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:323) [:1.6.0_10]
        at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:267) [:1.6.0_10]
        at org.jboss.security.negotiation.spnego.SPNEGOLoginModule$AcceptSecContext.run(SPNEGOLoginModule.java:396) [jboss-negotiation-2.2.0.Beta3
.jar:2.2.0.Beta3]
        at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_10]
        at javax.security.auth.Subject.doAs(Subject.java:337) [:1.6.0_10]
        at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.spnegoLogin(SPNEGOLoginModule.java:237) [jboss-negotiation-2.2.0.Beta3.jar:2.2.
0.Beta3]
        at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.innerLogin(SPNEGOLoginModule.java:194) [jboss-negotiation-2.2.0.Beta3.jar:2.2.0
.Beta3]
        at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:137) [jboss-negotiation-2.2.0.Beta3.jar:2.2.0.Beta
3]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_10]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_10]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_10]
        at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_10]
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) [:1.6.0_10]
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_10]
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_10]
        at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_10]
        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_10]
        at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_10]
        at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411) [picketbox-i
nfinispan-4.0.1.jar:4.0.1]


--------------------------------------------------------------

Reply to this message by going to Community
[http://community.jboss.org/message/644709#644709]

Start a new discussion in JBoss AS 7 Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2225]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20120104/ebc4f943/attachment.html

More information about the jboss-dev-forums mailing list