[ https://issues.apache.org/jira/browse/DIRKRB-537?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15168382#comment-15168382 ]
Kai Zheng commented on DIRKRB-537:
----------------------------------

Thanks for reporting this, [~gg]. I agree this should be fixed, but maybe in a release after RC2 like RC3, as RC2 is just about to be out. [~jiajia] please let me know what you think. Thanks.

> PreAuth and incorrect Password fails silently
> ---------------------------------------------
>
> Key: DIRKRB-537
> URL: https://issues.apache.org/jira/browse/DIRKRB-537
> Project: Directory Kerberos
> Issue Type: Bug
> Affects Versions: 1.0.0-RC2
> Reporter: Gerard Gagliano
>
> In the following scenario, Kerby is configured for PreAuth required.
> 1. A login attempt causes Kerby to respond with a PreAuth required error.
> 2. A subsequent AS Request containing timestamped PreAuth data (where the
> password is correct) causes Kerby to send an AS Reply containing a ticket (it
> worked).
> 3. A subsequent AS Request containing timestamped PreAuth data (where the
> password is incorrect) causes Kerby to not send any Reply back to the client
> - failing silently except for the log message "Integrity check on decrypted
> field failed".
> In the above scenario, MIT Kerberos sends back a Reply error code 31
> (integrity check failed) with e-text field containing "PREAUTH_FAILED".

--
This message was sent by Atlassian JIRA (v6.3.4#6332)
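
The outcomes described in the report (a PreAuth required error, an AS Reply, an error reply with code 31, or no reply at all) can be told apart on the client side by decoding the outer tag and the `error-code` and `e-text` fields of the KDC's answer. The following Python sketch is an added example, not part of the original message and not Kerby or MIT code; tag numbers and error codes 25 and 31 follow RFC 4120, while `classify`, `sample_error`, the EXAMPLE.COM realm and the timestamp are constructed for illustration.

```python
# Added example (not Kerby/MIT code): classify a KDC answer to an AS-REQ, per RFC 4120.
AS_REP, KRB_ERROR = 0x6B, 0x7E            # [APPLICATION 11], [APPLICATION 30]
PREAUTH_REQUIRED, BAD_INTEGRITY = 25, 31  # KDC_ERR_PREAUTH_REQUIRED, KRB_AP_ERR_BAD_INTEGRITY

def tlv(tag, body):                       # encode one DER tag-length-value
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + body

def read_tlv(buf, pos=0):
    """Decode the TLV at pos and return (tag, body, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:                          # long-form length
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    if pos + n > len(buf):
        raise ValueError("truncated body")
    return tag, buf[pos:pos + n], pos + n

def classify(reply):
    """Return the outcome of one AS exchange as (kind, error_code, e_text)."""
    if reply is None:                     # timeout: the silent failure in the report
        return ("NO_REPLY", None, None)
    tag, body, _ = read_tlv(reply)
    if tag != KRB_ERROR:
        return ("AS_REP" if tag == AS_REP else "UNEXPECTED", None, None)
    seq, pos, found = read_tlv(body)[1], 0, {}
    while pos < len(seq):                 # every KRB-ERROR field is explicitly tagged [n]
        ctx, inner, pos = read_tlv(seq, pos)
        found[ctx & 0x1F] = read_tlv(inner)[1]
    code = int.from_bytes(found[6], "big", signed=True)   # error-code [6]
    return ("KRB_ERROR", code, found.get(11, b"").decode("ascii", "replace"))

def sample_error(code, etext=None):
    """Constructed KRB-ERROR for realm EXAMPLE.COM (test data, not a capture)."""
    integer = lambda v: tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big", signed=True))
    string = lambda s: tlv(0x1B, s.encode())
    sname = tlv(0x30, tlv(0xA0, integer(2)) + tlv(0xA1, tlv(0x30, string("krbtgt") + string("EXAMPLE.COM"))))
    parts = {0: integer(5), 1: integer(30), 4: tlv(0x18, b"19700101000000Z"), 5: integer(0),
             6: integer(code), 9: string("EXAMPLE.COM"), 10: sname}
    if etext is not None:
        parts[11] = string(etext)         # e-text [11] is optional
    seq = b"".join(tlv(0xA0 | n, v) for n, v in sorted(parts.items()))
    return tlv(KRB_ERROR, tlv(0x30, seq))
```

A client or monitoring probe that sees `NO_REPLY` after sending PreAuth data cannot tell a wrong password from a network fault, which is why the explicit error reply matters.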