-
Bug
-
Resolution: Not an Issue
-
P3
-
None
-
7u4
-
x86
-
linux
When a program tried to conenct to LDAP server(when InitialDirContext instance is created),
javax.naming.AuthenticationException occurs.
ENVIRONMENT:
This exception shows up with all the following conditions.
1. JDK7u4 ( not in JDK6u31)
2. When InitialDirContext is created,
1) IP-adrress is set to PROVIDER_URL.
(FQDN does not cause this exception.)
2) GSSAPI is set to SECURITY_AUTHENTICATION.
STACK TRACE:
javax.naming.AuthenticationException: GSSAPI [Root exception is
javax.security.sasl.SaslException: GSS initiate failed [Caused by
GSSException: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7))]]
at com.sun.jndi.ldap.sasl.LdapSasl.saslBind(LdapSasl.java:168)
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:232)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2740)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:316)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:211)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:307)
at javax.naming.InitialContext.init(InitialContext.java:242)
at javax.naming.InitialContext.<init>(InitialContext.java:216)
at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:101)
REPRODUCE:
1. Compile the attached test case
( Change the line#32,33, 40 and 43 in GssGetattrs.java)
2. Change java_krb5.conf adjusting to your env.
(Change simple.conf, if needed)
3. Place the above 2 files, java_krb5.conf and simple.conf to the dir. to which
GssGetAttrs.java can refer.)
4. Input username and password in the concole
javax.naming.AuthenticationException occurs.
ENVIRONMENT:
This exception shows up with all the following conditions.
1. JDK7u4 ( not in JDK6u31)
2. When InitialDirContext is created,
1) IP-adrress is set to PROVIDER_URL.
(FQDN does not cause this exception.)
2) GSSAPI is set to SECURITY_AUTHENTICATION.
STACK TRACE:
javax.naming.AuthenticationException: GSSAPI [Root exception is
javax.security.sasl.SaslException: GSS initiate failed [Caused by
GSSException: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7))]]
at com.sun.jndi.ldap.sasl.LdapSasl.saslBind(LdapSasl.java:168)
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:232)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2740)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:316)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:211)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:307)
at javax.naming.InitialContext.init(InitialContext.java:242)
at javax.naming.InitialContext.<init>(InitialContext.java:216)
at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:101)
REPRODUCE:
1. Compile the attached test case
( Change the line#32,33, 40 and 43 in GssGetattrs.java)
2. Change java_krb5.conf adjusting to your env.
(Change simple.conf, if needed)
3. Place the above 2 files, java_krb5.conf and simple.conf to the dir. to which
GssGetAttrs.java can refer.)
4. Input username and password in the concole
- relates to
-
-
- Closed
-