Specified version of key is not available
Weijun Wang
weijun.wang at oracle.com
Thu Dec 9 22:15:04 EST 2010
Java fixed a bug on key version check in 6u21.
The error message looks like the keytab is not the latest one. Each time
ktpass.exe is called, it increments the key version number for the
service, so you must always use the last generated keytab file on the
server.
Thanks
Weijun
On 12/10/2010 06:10 AM, michal wrote:
> Hi,
> Have a problem with setting up Tomcat (Java servlet container) for
> SPNEGO authentication in Active Directory domain. The implementation
> is based on JGSS available in Oracle JDK 1.6.0_22
> 1. Keytab is generated using ktpass utility.
> 2. Server (Tomcat) obtains a service ticket from the keytab.
> 3. Server sends Negotiate header to the browser
> 4. The browser sends an encoded kerberos ticket to the server
> 5. Ooops... The server prints out exception message "Specified version
> of key is not available" and refuses to establish GSS context.
> All is setup exactly as described here:
> http://blog.springsource.com/2009/09/28/spring-security-kerberos
> and works perfectly with MIT Kerberos (even with Windows clients
> configured using ksetup tool).
> I've googled around and could not find anything. Anybody has any idea
> what is wrong?
> Thanks for any suggestions.
> Michal
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
More information about the Kerberos
mailing list