i have changed my krb5.conf with : | [libdefaults] | default_realm = SCIGEMS.ORG | dns_lookup_realm = true | dns_lookup_kdc = true | ticket_lifetime = 24h | forwardable = yes | default_tkt_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1 | default_tgs_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1 | permitted_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1 | But this isn't better.
| 17:25:45,212 INFO [STDOUT] Added server's keyKerberos Principal host/server1.scigems....@scigems.orgkey Version 10key EncryptionKey: keyType=1 keyBytes (hex dump)= | 0000: 16 EA 98 02 F2 C4 51 9E | 17:25:45,212 INFO [STDOUT] [Krb5LoginModule] added Krb5Principal host/server1.scigems....@scigems.org to Subject | 17:25:45,212 INFO [STDOUT] Added server's keyKerberos Principal host/server1.scigems....@scigems.orgkey Version 10key EncryptionKey: keyType=23 keyBytes (hex dump)= | 0000: EE CF CF 55 CD 38 50 00 3E 4E 6A 7A E5 44 24 96 ...U.8P.>Njz.D$. | 17:25:45,213 INFO [STDOUT] [Krb5LoginModule] added Krb5Principal host/server1.scigems....@scigems.org to Subject | 17:25:45,213 INFO [STDOUT] Added server's keyKerberos Principal host/server1.scigems....@scigems.orgkey Version 10key EncryptionKey: keyType=16 keyBytes (hex dump)= | 0000: 68 A7 70 31 31 01 45 3D AB 08 83 F2 20 67 EA 15 h.p11.E=.... g.. | 0010: 64 FB EF 1A 97 45 4A B0 | 17:25:45,213 INFO [STDOUT] [Krb5LoginModule] added Krb5Principal host/server1.scigems....@scigems.org to Subject | 17:25:45,213 INFO [STDOUT] Added server's keyKerberos Principal host/server1.scigems....@scigems.orgkey Version 10key EncryptionKey: keyType=17 keyBytes (hex dump)= | 0000: D8 C3 7C 67 C3 C7 60 60 56 43 31 96 67 3E 4A 53 ...g..``VC1.g>JS | 17:25:45,213 INFO [STDOUT] [Krb5LoginModule] added Krb5Principal host/server1.scigems....@scigems.org to Subject | 17:25:45,214 INFO [STDOUT] Added server's keyKerberos Principal host/server1.scigems....@scigems.orgkey Version 10key EncryptionKey: keyType=18 keyBytes (hex dump)= | 0000: 7C 7F 21 2C E9 3C 08 E7 8A 8B 36 F3 44 D6 2C 1A ..!,.<....6.D.,. | 0010: 96 16 75 46 62 04 60 22 C8 33 3E CD 15 6C 3E D7 ..uFb.`".3>..l>. | 17:25:45,216 INFO [STDOUT] [Krb5LoginModule] added Krb5Principal host/server1.scigems....@scigems.org to Subject | 17:25:45,217 INFO [STDOUT] Commit Succeeded | 17:25:45,282 INFO [STDOUT] Found key for host/server1.scigems....@scigems.org(18) | 17:25:45,282 INFO [STDOUT] Found key for host/server1.scigems....@scigems.org(1) | 17:25:45,283 INFO [STDOUT] Found key for host/server1.scigems....@scigems.org(23) | 17:25:45,283 INFO [STDOUT] Found key for host/server1.scigems....@scigems.org(16) | 17:25:45,284 INFO [STDOUT] Found key for host/server1.scigems....@scigems.org(17) | 17:25:45,286 INFO [STDOUT] Entered Krb5Context.acceptSecContext with state=STATE_NEW | 17:25:45,291 INFO [STDOUT] >>> EType: sun.security.krb5.internal.crypto.Des3CbcHmacSha1KdEType | 17:25:45,294 ERROR [SPNEGOLoginModule] Unable to authenticate | GSSException: Failure unspecified at GSS-API level (Mechanism level: Checksum failed) | at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:757) | at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:341) | at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:285) | at org.jboss.security.negotiation.spnego.SPNEGOLoginModule$AcceptSecContext.run(SPNEGOLoginModule.java:294) | at java.security.AccessController.doPrivileged(Native Method) | at javax.security.auth.Subject.doAs(Subject.java:357) | at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:118) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) | at java.lang.reflect.Method.invoke(Method.java:616) | at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784) | at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) | at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698) | at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696) | at java.security.AccessController.doPrivileged(Native Method) | at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695) | at javax.security.auth.login.LoginContext.login(LoginContext.java:594) | at org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:552) | at org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:486) | at org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365) | at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160) | at org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebRealm.java:384) | at org.jboss.security.negotiation.NegotiationAuthenticator.authenticate(NegotiationAuthenticator.java:127) | at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491) | at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) | at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) | at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) | at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) | at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:828) | at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:601) | at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) | at java.lang.Thread.run(Thread.java:636) | Caused by: KrbException: Checksum failed | at sun.security.krb5.internal.crypto.Des3CbcHmacSha1KdEType.decrypt(Des3CbcHmacSha1KdEType.java:96) | at sun.security.krb5.internal.crypto.Des3CbcHmacSha1KdEType.decrypt(Des3CbcHmacSha1KdEType.java:88) | at sun.security.krb5.EncryptedData.decrypt(EncryptedData.java:176) | at sun.security.krb5.KrbApReq.authenticate(KrbApReq.java:278) | at sun.security.krb5.KrbApReq.<init>(KrbApReq.java:145) | at sun.security.jgss.krb5.InitSecContextToken.<init>(InitSecContextToken.java:103) | at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:740) | ... 36 more | Caused by: java.security.GeneralSecurityException: Checksum failed | at sun.security.krb5.internal.crypto.dk.DkCrypto.decrypt(DkCrypto.java:362) | at sun.security.krb5.internal.crypto.Des3.decrypt(Des3.java:79) | at sun.security.krb5.internal.crypto.Des3CbcHmacSha1KdEType.decrypt(Des3CbcHmacSha1KdEType.java:94) | ... 42 more | 17:25:45,298 INFO [STDOUT] [Krb5LoginModule]: Entering logout | 17:25:45,298 INFO [STDOUT] [Krb5LoginModule]: logged out Subject | View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4214009#4214009 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4214009 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user