Hi all,
im going to be really desperate from this error message during the authentization to the Win2003 server where the Active Directory is running ... Im using Krb5LoginModule.
- Our administrator of the AD service has enabled DES encryption at the tested account.
- Im sure that entered password is correct, because im able to login via this password to our network.
- Entered Kerberos realm is in upper case...in the form (COMPANY.COM)
- Kerberos KDC contains IP adress of the Domain controller.
I really dont know why it doesnt work....:-(( Strange is that if i enable ticketCache to the ability to use the native ticket cache it works fine.....
My code is:
import javax.security.sasl.*;
import java.io.*;
import java.util.*;
import javax.security.auth.Subject;
import com.sun.security.auth.callback.TextCallbackHandler;
/**
* This JaasAcn application attempts to authenticate a user
* and reports whether or not the authentication was successful.
*/
public class JaasSample {
public static void main(String[] args) {
LoginContext lc = null;
java.util.Properties p = new java.util.Properties(System.getProperties());
try
{
lc = new LoginContext("JaasSample", new TextCallbackHandler());
}
catch (LoginException le)
{
System.err.println("Cannot create LoginContext. "
+ le.getMessage());
System.exit(-1);
}
catch (SecurityException se)
{
System.err.println("Cannot create LoginContext. "
+ se.getMessage());
System.exit(-1);
}
catch (Exception e)
{
System.out.println("Login failer: "+e.getMessage());
}
try {
lc.login();
Subject subject = lc.getSubject();
Iterator it = subject.getPrincipals().iterator();
while (it.hasNext())
System.out.println("Authenticated: " + it.next().toString());
it = subject.getPublicCredentials(Properties.class).iterator();
while (it.hasNext())
((Properties)it.next()).list(System.out);
lc.logout();
} catch (LoginException le) {
System.err.println("Authentication failed: ");
System.err.println(" " + le.getMessage());
System.exit(-1);
}
System.out.println("Authentication succeeded!");
}
}
start.bat file:
-----------------
"c:\Program Files\Java\jdk1.5.0_06\bin\java" -Djava.security.krb5.realm=BERIT.CZ -Djava.security.krb5.kdc=10.1.0.04 -Djava.security.krb5.debug=true -Djava.security.auth.login.config=jaas.conf JaasSample
-----------------
jaas.conf file:
JaasSample {
com.sun.security.auth.module.Krb5LoginModule required useTicketCache="false" debug="true";
};
Output is:
-------------
c:\JAAS>"c:\Program Files\Java\jdk1.5.0_06\bin\java" -Djava.security.krb5.realm=
BERIT.CZ -Djava.security.krb5.kdc=10.1.0.04 -Djava.security.krb5.debug=true -Dja
va.security.auth.login.config=jaas.conf JaasSample
Debug is true storeKey false useTicketCache false useKeyTab false doNotPrompt f
alse ticketCache is null KeyTab is null refreshKrb5Config is false principal is
null tryFirstPass is false useFirstPass is false storePass is false clearPass is
false
Kerberos username [Kloucek]: User3
Kerberos password for User3: Poiu4566
[Krb5LoginModule] user entered username: User3
principal is User3@BERIT.CZ
Acquire TGT using AS Exchange
EncryptionKey: keyType=3 keyBytes (hex dump)=0000: 13 A1 F4 86 B6 1C BF 85
EncryptionKey: keyType=1 keyBytes (hex dump)=0000: 13 A1 F4 86 B6 1C BF 85
EncryptionKey: keyType=16 keyBytes (hex dump)=0000: 01 58 6E AE EF 25 15 43 F1
2C 40 46 7A 3D 2A B0 .Xn..%.C.,@Fz=*.
0010: 1F 16 9E B6 19 8A 46 68
[Krb5LoginModule] authentication failed
Pre-authentication information was invalid (24)
Authentication failed:
Pre-authentication information was invalid (24)
I tried all tips i found at this forum and other internet resources without luck...:-(((
Please heeeeelp!!!!!!!!!!!!!!!!!