Kerberos 5 Loginmodule: Pre-authentication information wasinvalid (24)
Thomas Konrath
thomas.konrath at fh-joanneum.at
Fri Feb 21 03:46:55 EST 2003
Hi !!!
We configured one user in our real domain so that it does not require
a Kerberos preauthentication but the problem still is still the same.
In our test domain, every user was configured to require a
preauthentication and it works fine ...
Could it be a problem that our test domain is in mixed-mode and the
real domain is in Windows 2000 native mode?
Thanx ...
cu,
Tom
kerberos at northsailor.de (Klaas Hagemann) wrote in message news:<3E53CB54.6060001 at northsailor.de>...
> Thomas Konrath schrieb:
> > Hi !!!
> >
> > We are doing a project for our university and we have a problem
> > concerning the Kerberos 5 Loginmodul from sun.
> >
> > We are using the class com.sun.security.auth.module.Krb5LoginModule in
> > our Java project. We have configured the krb5.ini file as it is
> > described under http://www.lns.cornell.edu/public/COMP/krb5/admin/admin_3.html#SEC16.
> >
> > Actually, it runs well in our testdomain but not in the real domain in
> > our university (both are Windows 2000 Domains with Windows 2000 and
> > Windows XP workstations).
> So you have differences between your test domain and your real domain.
> Since you have problems with the preauthentication i would say, that
> your real domain forces preauthentication and your test domain does not
> or the other way. Check your principals in the real domain and in your
> testdomain if the flaf "requires preauthentication" is set.
>
> Klaas
>
>
> >
> >
> > When we are try to log on, we get to following exception:
> > 16:21:35,680 INFO [STDOUT] Debug is true storeKey false
> > useTicketCache false useKeyTab false doNot
> > Prompt false ticketCache is null KeyTab is null principal is null
> > tryFirstPass is false useFirstPass
> > is false storePass is false clearPass is false
> > 16:21:35,680 INFO [STDOUT] [Krb5LoginModule] user entered
> > username: konrat
> > 16:21:35,690 INFO [STDOUT] principal is konrat at SAFE.LOCAL
> > 16:21:35,740 INFO [STDOUT] [Krb5LoginModule]
> > authentication failed
> > Pre-authentication information was invalid (24)
> > 16:21:35,750 ERROR [STDERR] javax.security.auth.login.LoginException:
> > Pre-authentication information
> > was invalid (24)
> > 16:21:35,750 ERROR [STDERR] at
> > com.sun.security.auth.module.Krb5LoginModule.attemptAuthenticatio
> > n(Krb5LoginModule.java:568)
> > 16:21:35,750 ERROR [STDERR] at
> > com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModul
> > e.java:458)
> > 16:21:35,750 ERROR [STDERR] at
> > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> > 16:21:35,750 ERROR [STDERR] at
> > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorI
> > mpl.java:39)
> > 16:21:35,750 ERROR [STDERR] at
> > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodA
> > ccessorImpl.java:25)
> > 16:21:35,750 ERROR [STDERR] at
> > java.lang.reflect.Method.invoke(Method.java:324)
> > 16:21:35,750 ERROR [STDERR] at
> > javax.security.auth.login.LoginContext.invoke(LoginContext.java:6
> > 75)
> > 16:21:35,750 ERROR [STDERR] at
> > javax.security.auth.login.LoginContext.access$000(LoginContext.ja
> > va:129)
> > 16:21:35,760 ERROR [STDERR] at
> > javax.security.auth.login.LoginContext$4.run(LoginContext.java:61
> > 0)
> > 16:21:35,760 ERROR [STDERR] at
> > java.security.AccessController.doPrivileged(Native Method)
> > 16:21:35,760 ERROR [STDERR] at
> > javax.security.auth.login.LoginContext.invokeModule(LoginContext.
> > java:607)
> > 16:21:35,760 ERROR [STDERR] at
> > javax.security.auth.login.LoginContext.login(LoginContext.java:53
> > 4)
> > 16:21:35,760 ERROR [STDERR] at
> > edu.ima.safe.security.auth.spi.Krb5LdapLoginModule.login(Krb5Ldap
> > LoginModule.java:336)
> > 16:21:35,760 ERROR [STDERR] at
> > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> > 16:21:35,760 ERROR [STDERR] at
> > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorI
> > mpl.java:39)
> > 16:21:35,760 ERROR [STDERR] at
> > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodA
> > ccessorImpl.java:25)
> > 16:21:35,760 ERROR [STDERR] at
> > java.lang.reflect.Method.invoke(Method.java:324)
> > 16:21:35,760 ERROR [STDERR] at
> > javax.security.auth.login.LoginContext.invoke(LoginContext.java:6
> > 75)
> > 16:21:35,760 ERROR [STDERR] at
> > javax.security.auth.login.LoginContext.access$000(LoginContext.ja
> > va:129)
> > 16:21:35,770 ERROR [STDERR] at
> > javax.security.auth.login.LoginContext$4.run(LoginContext.java:61
> > 0)
> > 16:21:35,770 ERROR [STDERR] at
> > java.security.AccessController.doPrivileged(Native Method)
> > 16:21:35,770 ERROR [STDERR] at
> > javax.security.auth.login.LoginContext.invokeModule(LoginContext.
> > java:607)
> > 16:21:35,770 ERROR [STDERR] at
> > javax.security.auth.login.LoginContext.login(LoginContext.java:53
> > 4)
> > 16:21:35,770 ERROR [STDERR] at
> > org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasS
> > ecurityManager.java:462)
> > 16:21:35,770 ERROR [STDERR] at
> > org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasS
> > ecurityManager.java:417)
> > 16:21:35,770 ERROR [STDERR] at
> > org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecuri
> > tyManager.java:244)
> > 16:21:35,770 ERROR [STDERR] at
> > org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecuri
> > tyManager.java:219)
> > 16:21:35,770 ERROR [STDERR] at
> > org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociatio
> > n(SecurityInterceptor.java:169)
> > 16:21:35,770 ERROR [STDERR] at
> > org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInte
> > rceptor.java:94)
> > 16:21:35,780 ERROR [STDERR] at
> > org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.ja
> > va:129)
> > 16:21:35,780 ERROR [STDERR] at
> > org.jboss.ejb.StatelessSessionContainer.invokeHome(StatelessSessi
> > onContainer.java:300)
> > 16:21:35,780 ERROR [STDERR] at
> > org.jboss.ejb.plugins.local.BaseLocalContainerInvoker.invokeHome(
> > BaseLocalContainerInvoker.java:230)
> > 16:21:35,780 ERROR [STDERR] at
> > org.jboss.ejb.plugins.local.LocalHomeProxy.invoke(LocalHomeProxy.
> > java:110)
> > 16:21:35,780 ERROR [STDERR] at $Proxy23.create(Unknown Source)
> > 16:21:35,780 ERROR [STDERR] at
> > org.apache.jsp.ejbsecurepage$jsp._jspService(ejbsecurepage$jsp.ja
> > va:65)
> > 16:21:35,780 ERROR [STDERR] at
> > org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:10
> > 7)
> > 16:21:35,780 ERROR [STDERR] at
> > javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
> > 16:21:35,780 ERROR [STDERR] at
> > org.apache.jasper.servlet.JspServlet$JspServletWrapper.service(Js
> > pServlet.java:201)
> > 16:21:35,780 ERROR [STDERR] at
> > org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.ja
> > va:381)
> > 16:21:35,780 ERROR [STDERR] at
> > org.apache.jasper.servlet.JspServlet.service(JspServlet.java:473)
> >
> > 16:21:35,790 ERROR [STDERR] at
> > javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
> > 16:21:35,790 ERROR [STDERR] at
> > org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java
> > :360)
> > 16:21:35,790 ERROR [STDERR] at
> > org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebAppli
> > cationHandler.java:280)
> > 16:21:35,790 ERROR [STDERR] at
> > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.ja
> > va:553)
> > 16:21:35,790 ERROR [STDERR] at
> > org.mortbay.http.HttpContext.handle(HttpContext.java:1717)
> > 16:21:35,790 ERROR [STDERR] at
> > org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplica
> > tionContext.java:549)
> > 16:21:35,790 ERROR [STDERR] at
> > org.mortbay.http.HttpContext.handle(HttpContext.java:1667)
> > 16:21:35,790 ERROR [STDERR] at
> > org.mortbay.http.HttpServer.service(HttpServer.java:862)
> > 16:21:35,790 ERROR [STDERR] at
> > org.jboss.jetty.Jetty.service(Jetty.java:497)
> > 16:21:35,790 ERROR [STDERR] at
> > org.mortbay.http.HttpConnection.service(HttpConnection.java:759)
> > 16:21:35,790 ERROR [STDERR] at
> > org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:92
> > 3)
> > 16:21:35,800 ERROR [STDERR] at
> > org.mortbay.http.HttpConnection.handle(HttpConnection.java:776)
> > 16:21:35,800 ERROR [STDERR] at
> > org.mortbay.http.SocketListener.handleConnection(SocketListener.j
> > ava:202)
> > 16:21:35,800 ERROR [STDERR] at
> > org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:289)
> > 16:21:35,800 ERROR [STDERR] at
> > org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:455)
> > 16:21:35,800 ERROR [STDERR] Caused by: KrbException:
> > Pre-authentication information was invalid (24)
> >
> > 16:21:35,800 ERROR [STDERR] at
> > sun.security.krb5.KrbAsRep.<init>(DashoA6275:62)
> > 16:21:35,800 ERROR [STDERR] at
> > sun.security.krb5.KrbAsReq.getReply(DashoA6275:308)
> > 16:21:35,800 ERROR [STDERR] at
> > sun.security.krb5.Credentials.acquireTGT(DashoA6275:333)
> > 16:21:35,800 ERROR [STDERR] at
> > com.sun.security.auth.module.Krb5LoginModule.attemptAuthenticatio
> > n(Krb5LoginModule.java:559)
> > 16:21:35,810 ERROR [STDERR] ... 54 more
> > 16:21:35,810 ERROR [STDERR] Caused by: KrbException: Identifier
> > doesn't match expected value (906)
> > 16:21:35,810 ERROR [STDERR] at
> > sun.security.krb5.internal.af.a(DashoA6275:129)
> > 16:21:35,810 ERROR [STDERR] at
> > sun.security.krb5.internal.au.a(DashoA6275:58)
> > 16:21:35,810 ERROR [STDERR] at
> > sun.security.krb5.internal.au.<init>(DashoA6275:53)
> > 16:21:35,810 ERROR [STDERR] at
> > sun.security.krb5.KrbAsRep.<init>(DashoA6275:48)
> > 16:21:35,810 ERROR [STDERR] ... 57 more
> >
> >
> >
> >
> > --> PLEASE HELP !!!!!!!!!!!!!!!!!!!!!!!!!!!!
> >
> > Thanx,
> >
> > Tom
> > ________________________________________________
> > Kerberos mailing list Kerberos at mit.edu
> > https://mailman.mit.edu/mailman/listinfo/kerberos
> >
>
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
More information about the Kerberos
mailing list