64-bit JRockit 1.6.0_33-R28.2 with WLS 10.3.5 on Windows and krb5 problem
I have had a very strange issue with JRockit and Kerberos on Windows, which I would like some input to.
My environment is:
Server Operating System = Windows Server 2008 R2 x64
Application Server = WebLogic Server Std. Edition 10.3.5 Generic
Java = First jrockit-jdk1.6.0_29-R28.2.2-4.1.0-windows-x64, then jrockit-jdk1.6.0_33-R28.2.4-4.1.0-windows-x64
Browsers = IE9 and Google Chrome 21
Clients = Windows 7 and Windows XP
Encryption = First DES, then RC4-HMAC
Active Directory with KDC: Both on Windows 2003 and Windows 2008
While JRockit's kinit tool successfully stored a ticket in cache when invoked from the Windows Command Prompt, it never worked in JRockit through WebLogic. With klist I could see a ticket being issued, but WebLogic console nor custom JEE apps with <auth-method>CLIENT-CERT,FORM</auth-method> caused auto-login.
I tried with both DES and RC4-HMAC, kerberos pre-auth on and off, and played around with SPNs and user account options without getting further than WebLogic saying:
Found key for <user>@<domain>(23)
Entered Krb5Context.acceptSecContext with state=STATE_NEW"
It think I have tried pretty much any combination of encryption algorithms, user account options and krb5.ini options without being able to get WebLogic to log me in through Kerberos. And I have read both the official doc and various blogs on how to set it up to get various views on configurations that should work. But without any luck.
Then after 3 weeks struggling with this, I found a post here on OTN where a user mentioned problems with Kerberos after he upgraded from JRockit-jdk1.6.0_20-R28.1.0....
So I tried to downgrade to jrockit-jdk1.6.0_20-R28.1.0, and suddenly my setup worked !!
So my questions are:
1. What is the highest version of JRockit on Windows 2008 R2 x64 that is known to work with Kerberos (preferably using RC4-HMAC) ?
2. Have anyone found a workaround to get this to work with jrockit-jdk1.6.0_33-R28.2.x on Windows 2008 R2 x64 ?
Edited by: Audun Nes on Aug 16, 2012 7:33 AM
Edited by: Audun Nes on Aug 16, 2012 7:34 AM