JGSS: Integrity check on decrypted field failed (31)
Seema Malkani
Seema.Malkani at Sun.COM
Tue Nov 7 15:16:22 EST 2006
What version of JDK are you using ? Sun's implementation of Java GSS
includes support for SPNEGO starting from Java SE 6.
Has the SPN been setup correctly ?
Seema
Michael B Allen wrote On 11/06/06 11:26,:
>I wrote an SPNEGO Java Servlet Filter that decodes the SPNEGO token,
>plucks out the krb5 mechToken and passes it to acceptSecContext. Works
>great on Linux/Jetty. Tomcat on Windows gives me the following exception.
>Basically it looks like it's failing to decrypt the ticket as if the
>password was wrong (but it's not). The service account is set for DES
>only. For the service credential, I manually create a KerberosKey with a
>plaintext password and enctype of "DES".
>
>Before I start doing byte for byte checking can anyone recommend potential
>reasons for this error?
>
>GSSException: Failure unspecified at GSS-API level (Mechanism level:
>Integrity check on decrypted field failed (31))
> sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:734)
> sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:300)
> sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:246)
> com.ibi.security.spnego.SpnegoFilter.doFilter(SpnegoFilter.java:262)
>________________________________________________
>Kerberos mailing list Kerberos at mit.edu
>https://mailman.mit.edu/mailman/listinfo/kerberos
>
>
More information about the Kerberos
mailing list