java 1.5 KINIT error
Douglas E. Engert
deengert at anl.gov
Fri Dec 16 07:38:07 EST 2005
So is this really the problem that java does not do the pre-auth
correctly assuming it knows the salt rather then using the salt returned
by the KDC? Java 1.6 has a fix for this.
Russ Allbery wrote:
> FM <dist-list at lexum.umontreal.ca> writes:
>
>
>>I'm trying to use kinit with kerberos but :
>>
>>>bin/kinit user at REALM
>
>
>>Password for userf at REALM:password
>>Exception: krb_error 31 Integrity check on decrypted field failed (31)
>>Integrity check on decrypted field failed
>>KrbException: Integrity check on decrypted field failed (31)
>> at sun.security.krb5.internal.crypto.v.b(DashoA12275:154)
>> at sun.security.krb5.internal.crypto.v.b(DashoA12275:125)
>> at sun.security.krb5.EncryptedData.decrypt(DashoA12275:157)
>> at sun.security.krb5.KrbAsRep.<init>(DashoA12275:82)
>> at sun.security.krb5.KrbAsReq.getReply(DashoA12275:345)
>> at sun.security.krb5.KrbAsReq.getReply(DashoA12275:303)
>> at sun.security.krb5.internal.tools.Kinit.<init>(DashoA12275:252)
>> at sun.security.krb5.internal.tools.Kinit.main(DashoA12275:106)
>
>
> Sounds like the problem described at:
>
> http://archives.java.sun.com/cgi-bin/wa?A2=ind0212&L=java-security&F=&S=&P=802
>
> in which case try the fix at:
>
> http://archives.java.sun.com/cgi-bin/wa?A2=ind0212&L=java-security&D=0&P=1130
>
--
Douglas E. Engert <DEEngert at anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
More information about the Kerberos
mailing list