[jboss-jira] [JBoss JIRA] (ELY-1590) CLI + Kerberos authentication fails in CD13
Martin Choma (JIRA)
issues at jboss.org
Thu May 24 05:55:00 EDT 2018
Martin Choma created ELY-1590:
---------------------------------
Summary: CLI + Kerberos authentication fails in CD13
Key: ELY-1590
URL: https://issues.jboss.org/browse/ELY-1590
Project: WildFly Elytron
Issue Type: Bug
Components: SASL
Affects Versions: 1.3.2.Final
Reporter: Martin Choma
Priority: Blocker
Use case: Administrator wants to connect to CLI using kerberos ticket. It is not possible in CD13 with error
{code}
Client authentication failed: javax.security.sasl.SaslException: ELY05108: Unable to create response token [Caused by GSSException: No valid credentials provided (Mechanism level: Attempt to obtain new INITIATE credentials failed! (null))]
{code}
Attaching logs of server and client for CD12 (OK) and CD13 (NOK)
In server log there is missing message {{Server received authentication request}} so it makes me think problem is on client side.
Comparing client logs there is difference
* CD13
{code}
11:32:58,924 TRACE [org.jboss.remoting.remote.client] Client authentication failed: javax.security.sasl.SaslException: ELY05108: Unable to create response token [Caused by GSSException: No valid credentials provided (Mechanism level: Attempt to obtain new INITIATE credentials failed! (null))]
{code}
* CD12
compared to CD12
{code}
11:31:16,946 TRACE [org.wildfly.security.sasl.gssapi] GSSContext established, transitioning to negotiate security layer.
{code}
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list