Problems with kerberos Windows XP sp2
Miika Parvio
miika.parvio at NOSPAMtut.fi
Mon Jan 10 09:29:07 EST 2005
Hello!
I just got work SSO authentication against AD using JAAS. But then I
installed SP2 to my Windows XP, and nothing works anymore.
Maybe I explain, what my application did, before I updated to SP2:
1) Authenticate current user with SS0 against AD. This was done by JAAS
and com.sun.security.auth.module.Krb5LoginModule.
2) Use current authentication information to get group information of
authenticated user from AD. This was done by JNDI like this:
JndiAction action = new JndiAction(args);
Subject.doAs(lc.getSubject(), action);
lc is LoginContect object.
Everything worked with SP1 very well.
When I istalled SP 2, situation looks like this:
1) Authenticate current user with SSO against AD.
-no erros, so I assume that everything wents well.
2) Use current authentication information to get group information of
authenticated user from AD.
An exception is occurred:
javax.naming.AuthenticationException: GSSAPI [Root exception is
javax.security.sasl.SaslException: GSS initiate failed [Caused by
GSSException: No valid credentials provided (Mechanism level: KDC has no
support for encryption type (14))]] GSSAPI
What should I do?
If I don't Use SSO, everything works fine. Do I need some batches to fix
this problem or what?
Miika Parvio
More information about the Kerberos
mailing list