-
Bug
-
Resolution: Cannot Reproduce
-
P3
-
None
-
7u80, 8
-
generic
-
generic
FULL PRODUCT VERSION :
Any newer version than java 7u79.
java version "1.8.0_05"
Java(TM) SE Runtime Environment (build 1.8.0_05-b13)
Java HotSpot(TM) 64-bit Server VM (build 25.2-b02, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
all platforms we tested including windows 7 (32 + 64) win 8.1, windows server 2012 (64 bit),
Linux machines (2.6.32-279) and others.
A DESCRIPTION OF THE PROBLEM :
We have a working application that does client authentication using Kerberos and jgss.
We are using the following flow
name = manager.createName(serviceName, GSSName.NT_HOSTBASED_SERVICE);
Oid krb5Mechanism = new Oid("1.2.840.113554.1.2.2");
cred = manager.createCredential(name, GSSCredential.INDEFINITE_LIFETIME, krb5Mechanism, GSSCredential.ACCEPT_ONLY);
context.acceptSecContext(clientInBufferData, 0, bytesRead);
When running the application with java 7u79, authentication works.
When attempting to use it using the same environment and user and using java7u80 or java8 the authentication fails with the error:
[2016/04/12 14:58:40] authenticateClient: EXCEPTION
GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos credentails)
at sun.security.jgss.krb5.Krb5AcceptCredential.getInstance(Unknown Source)
at sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Unknown Source)
at sun.security.jgss.GSSManagerImpl.getCredentialElement(Unknown Source)
at sun.security.jgss.GSSCredentialImpl.add(Unknown Source)
at sun.security.jgss.GSSCredentialImpl.<init>(Unknown Source)
at sun.security.jgss.GSSManagerImpl.createCredential(Unknown Source)
at SSO_AsynchAuthenticator.authenticateClient(Unknown Source)
REGRESSION. Last worked in version 7u79
ADDITIONAL REGRESSION INFORMATION:
java version "1.7.0_79"
Java (TM) SE Runtime Environment (build 1.7.0_79-b15)
Java HostSpot(TM) 64-bit Server VM (build 24.79-b02, mixed mode)
ERROR MESSAGES/STACK TRACES THAT OCCUR :
[2016/04/12 14:58:40] authenticateClient: EXCEPTION
GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos credentails)
at sun.security.jgss.krb5.Krb5AcceptCredential.getInstance(Unknown Source)
at sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Unknown Source)
at sun.security.jgss.GSSManagerImpl.getCredentialElement(Unknown Source)
at sun.security.jgss.GSSCredentialImpl.add(Unknown Source)
at sun.security.jgss.GSSCredentialImpl.<init>(Unknown Source)
at sun.security.jgss.GSSManagerImpl.createCredential(Unknown Source)
at SSO_AsynchAuthenticator.authenticateClient(Unknown Source)
REPRODUCIBILITY :
This bug can be reproduced always.
Any newer version than java 7u79.
java version "1.8.0_05"
Java(TM) SE Runtime Environment (build 1.8.0_05-b13)
Java HotSpot(TM) 64-bit Server VM (build 25.2-b02, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
all platforms we tested including windows 7 (32 + 64) win 8.1, windows server 2012 (64 bit),
Linux machines (2.6.32-279) and others.
A DESCRIPTION OF THE PROBLEM :
We have a working application that does client authentication using Kerberos and jgss.
We are using the following flow
name = manager.createName(serviceName, GSSName.NT_HOSTBASED_SERVICE);
Oid krb5Mechanism = new Oid("1.2.840.113554.1.2.2");
cred = manager.createCredential(name, GSSCredential.INDEFINITE_LIFETIME, krb5Mechanism, GSSCredential.ACCEPT_ONLY);
context.acceptSecContext(clientInBufferData, 0, bytesRead);
When running the application with java 7u79, authentication works.
When attempting to use it using the same environment and user and using java7u80 or java8 the authentication fails with the error:
[2016/04/12 14:58:40] authenticateClient: EXCEPTION
GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos credentails)
at sun.security.jgss.krb5.Krb5AcceptCredential.getInstance(Unknown Source)
at sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Unknown Source)
at sun.security.jgss.GSSManagerImpl.getCredentialElement(Unknown Source)
at sun.security.jgss.GSSCredentialImpl.add(Unknown Source)
at sun.security.jgss.GSSCredentialImpl.<init>(Unknown Source)
at sun.security.jgss.GSSManagerImpl.createCredential(Unknown Source)
at SSO_AsynchAuthenticator.authenticateClient(Unknown Source)
REGRESSION. Last worked in version 7u79
ADDITIONAL REGRESSION INFORMATION:
java version "1.7.0_79"
Java (TM) SE Runtime Environment (build 1.7.0_79-b15)
Java HostSpot(TM) 64-bit Server VM (build 24.79-b02, mixed mode)
ERROR MESSAGES/STACK TRACES THAT OCCUR :
[2016/04/12 14:58:40] authenticateClient: EXCEPTION
GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos credentails)
at sun.security.jgss.krb5.Krb5AcceptCredential.getInstance(Unknown Source)
at sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Unknown Source)
at sun.security.jgss.GSSManagerImpl.getCredentialElement(Unknown Source)
at sun.security.jgss.GSSCredentialImpl.add(Unknown Source)
at sun.security.jgss.GSSCredentialImpl.<init>(Unknown Source)
at sun.security.jgss.GSSManagerImpl.createCredential(Unknown Source)
at SSO_AsynchAuthenticator.authenticateClient(Unknown Source)
REPRODUCIBILITY :
This bug can be reproduced always.