-
Bug
-
Resolution: Not an Issue
-
P3
-
None
-
8u71
Cu is using the Krb5LoginModule to login using cached TGT from the logged machine. The JAAS config file is configured as:
Client {
com.sun.security.auth.module.Krb5LoginModule required
useTicketCache=true
useKeyTab=false
doNotPrompt=true
renewTGT=true
debug=true;
};
and client code fails with the exception: That it did not retrieve TGT form the cache. The failure is shown in the following output:
>>> Found no TGT's in LSA
Principal is null
null credentials from Ticket Cache
[Krb5LoginModule] authentication failed
Unable to obtain Principal Name for authentication
javax.security.auth.login.LoginException: Unable to obtain Principal Name for authentication
at com.sun.security.auth.module.Krb5LoginModule.promptForName(Krb5LoginModule.java:841)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:704)
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:617)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
at com.wfs.platform.security.kerberos.Client.login(Client.java:102)
at com.wfs.platform.security.kerberos.Client.main(Client.java:63)
There was an error during the JAAS login
This same code works with Java 6, but fails for Java 7 or 8.
Client {
com.sun.security.auth.module.Krb5LoginModule required
useTicketCache=true
useKeyTab=false
doNotPrompt=true
renewTGT=true
debug=true;
};
and client code fails with the exception: That it did not retrieve TGT form the cache. The failure is shown in the following output:
>>> Found no TGT's in LSA
Principal is null
null credentials from Ticket Cache
[Krb5LoginModule] authentication failed
Unable to obtain Principal Name for authentication
javax.security.auth.login.LoginException: Unable to obtain Principal Name for authentication
at com.sun.security.auth.module.Krb5LoginModule.promptForName(Krb5LoginModule.java:841)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:704)
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:617)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
at com.wfs.platform.security.kerberos.Client.login(Client.java:102)
at com.wfs.platform.security.kerberos.Client.main(Client.java:63)
There was an error during the JAAS login
This same code works with Java 6, but fails for Java 7 or 8.