[jboss-user] [Security & JAAS/JBoss] - Re: Issues with JBoss Negotiation

danielmesser do-not-reply at jboss.com
Wed Feb 11 23:24:37 EST 2009 

Darran,

As per your suggestion, I upgraded Firefox to Firefox3. It still doesn't work but now I get the following error:
Any ideas?
Thanks

20:57:14,091 INFO  [SPNEGOAuthenticator] Header - null
20:57:14,187 INFO  [SPNEGOAuthenticator] Header - Negotiate YIICTQYGKwYBBQUCoIICQTCCAj2gHzAdBgkqhkiG9xIBAgIGBSsFAQUCBgkqhkiC9xIBAgKiggIYBIICFGCCAhAGCSqGSIb3EgECAgEAboIB/zCCAfugAwIBBaEDAgEOogcDBQAAAAAAo4IBF2GCARMwggEPoAMCAQWhDRsLU0xDLlNHSS5DT02iJzAloAMCAQOhHjAcGwRIVFRQGxRsbnguYW1lcmljYXMuc2dpLmNvbaOBzzCBzKADAgEQoQMCAQOigb8Egbw5tg/oKgy6xWSvNU7juU3zFBuOSf5C6P4Uowezrgqne53q5+LxA5X8FPyycisYeF1MF49hOOvj45elsmtkGL/7X5GiScnKaITtoSWkS7J8SAtWCj+HXUQpuJIUv8r0wjd572BlRELOvcPm7kdxTWD9txRTzSFEbnOvZIeRW71Mk+kZAl3NxiOiPJkUBj5s2Y4WPilU8f9eeXuls3CKXafYsJaFyFuhnV5ds920VOBoHTlkpJPp1qnoFpiqGqSByjCBx6ADAgEQooG/BIG8FFQkcwz6d/+/RsoYKXn+PqBwrmW0eZI3cKumgy9R3uvsNgmn3PcBOdEn6XtFVyhPT50YjaMEuzTT9EdSiHXqbjcg+HAEYC3a47Za/VkuGR6PDcrvO00M0lUk1ngBiTzcA1Su6ad6Pfy8jPnvm0UO0AGJsqg6ZXqjlvBiSgeZm769mv207jRFn1PXGgpAmj0F6jm0k58a6oHFTI+HEr6cy7xk9A9vwsGP61bo2kakE5NQog880Gn/odVPt5o=
20:57:14,188 INFO  [STDOUT] Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt true ticketCache is null isInitiator true KeyTab is /etc/krb5.keytab refreshKrb5Config is false principal is host/lnx.americas.sgi.com at SLC.SGI.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
20:57:14,189 INFO  [STDOUT] principal's key obtained from the keytab
20:57:14,189 INFO  [STDOUT] Acquire TGT using AS Exchange
20:57:14,236 INFO  [STDOUT] principal is host/lnx.americas.sgi.com at SLC.SGI.COM
20:57:14,237 INFO  [STDOUT] EncryptionKey: keyType=1 keyBytes (hex dump)=0000: EA 7F 1F 73 8F 89 7C 08   
20:57:14,237 INFO  [STDOUT] EncryptionKey: keyType=16 keyBytes (hex dump)=0000: 64 CD 57 D9 B0 C2 19 D0   85 DF 5E 0B 6D 43 CD 37  d.W.......^.mC.7
0010: CD B3 CB B5 0D 5D DC 13   
20:57:14,237 INFO  [STDOUT] Added server's keyKerberos Principal host/lnx.americas.sgi.com at SLC.SGI.COMKey Version 3key EncryptionKey: keyType=1 keyBytes (hex dump)=
0000: EA 7F 1F 73 8F 89 7C 08   
20:57:14,237 INFO  [STDOUT] 		[Krb5LoginModule] added Krb5Principal  host/lnx.americas.sgi.com at SLC.SGI.COM to Subject
20:57:14,237 INFO  [STDOUT] Added server's keyKerberos Principal host/lnx.americas.sgi.com at SLC.SGI.COMKey Version 3key EncryptionKey: keyType=16 keyBytes (hex dump)=
0000: 64 CD 57 D9 B0 C2 19 D0   85 DF 5E 0B 6D 43 CD 37  d.W.......^.mC.7
0010: CD B3 CB B5 0D 5D DC 13   
20:57:14,237 INFO  [STDOUT] 		[Krb5LoginModule] added Krb5Principal  host/lnx.americas.sgi.com at SLC.SGI.COM to Subject
20:57:14,237 INFO  [STDOUT] Commit Succeeded 
20:57:14,241 ERROR [SPNEGOLoginModule] Unable to authenticate
GSSException: Failure unspecified at GSS-API level (Mechanism level: Checksum failed)
	at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:730)
	at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:300)
	at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:246)
	at org.jboss.security.negotiation.spnego.SPNEGOLoginModule$AcceptSecContext.run(SPNEGOLoginModule.java:295)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.Subject.doAs(Subject.java:337)
	at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:113)
	at sun.reflect.GeneratedMethodAccessor77.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:585)
	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
	at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
	at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:603)
	at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:537)
	at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
	at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:491)
	at org.jboss.security.negotiation.spnego.SPNEGOAuthenticator.authenticate(SPNEGOAuthenticator.java:103)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
	at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
	at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
	at java.lang.Thread.run(Thread.java:595)
Caused by: KrbException: Checksum failed
	at sun.security.krb5.internal.crypto.Des3CbcHmacSha1KdEType.decrypt(Des3CbcHmacSha1KdEType.java:77)
	at sun.security.krb5.internal.crypto.Des3CbcHmacSha1KdEType.decrypt(Des3CbcHmacSha1KdEType.java:69)
	at sun.security.krb5.EncryptedData.decrypt(EncryptedData.java:167)
	at sun.security.krb5.KrbApReq.authenticate(KrbApReq.java:267)
	at sun.security.krb5.KrbApReq.(KrbApReq.java:134)
	at sun.security.jgss.krb5.InitSecContextToken.(InitSecContextToken.java:79)
	at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:715)
	... 31 more
Caused by: java.security.GeneralSecurityException: Checksum failed
	at sun.security.krb5.internal.crypto.dk.DkCrypto.decrypt(DkCrypto.java:354)
	at sun.security.krb5.internal.crypto.Des3.decrypt(Des3.java:57)
	at sun.security.krb5.internal.crypto.Des3CbcHmacSha1KdEType.decrypt(Des3CbcHmacSha1KdEType.java:75)
	... 37 more
20:57:14,243 INFO  [STDOUT] 		[Krb5LoginModule]: Entering logout
20:57:14,243 INFO  [STDOUT] 		[Krb5LoginModule]: logged out Subject



View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4209332#4209332

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4209332

More information about the jboss-user mailing list