spnego/kerberos negotiation failure

miten mehta imiten at yahoo.com
Thu Nov 1 00:14:35 EDT 2012


basic question:

what is difference between kerberos ticket and token ?

actual problem question:

I have win 7 box and login user is "Miten Mehta".  I run mit network identity manager to  fetch TGT as msm at PRIMESYSTEMS.COM. 

I have setup internet explorer adding pinkydebian host to options/security/local intranet/sites and windows hosts file resolves the ip for it.  My web app runs on pinkydebian host tomcat instance.

I start internet explorer browser to connect to web app.  The web app uses spnego/kerberos auth using spring-security spnego/kerberos framework.

I see that there is ticket being presented by browser to web app as per logs here (see reply #6 in url below if in hurry)


and then it fails.  I was not prompted with basic auth form for user / password.  I expected it not to prompt and use the TGT which I have fetched to get Service ticket.

If some one is experienced in spnego + kerberos please guide so I can get past spnego negotiation step which is what I understand its failing in.
I have tried to even clear the tickets on win 7 box and then accessing web app but the observations are no different.



More information about the Kerberos mailing list