Skip to Main Content

Java Security

Announcement

For appeals, questions and feedback, please email oracle-forums_moderators_us@oracle.com

SPNEGO is not creating kerberos ticket

User_F7SCJJan 8 2023

Hi.
I have implemented the SSO configuration with SPNEGO. The kerberos auth seems not working. It uses basic authentication on the browser. SSO seems working but i have an authentication problem.
Kerberos error is:
>>>KRBError:
sTime is Sun Jan 08 11:22:19 UTC 2023 1673176939000
suSec is 269328
error code is 25
error Message is Additional pre-authentication required
sname is krbtgt/EXAMPLE.NET@EXAMPLE.NET
eData provided.
msgType is 30
Krb5.conf file
[libdefaults]
default_realm = EXAMPLE.NET
default_keytab_name = FILE:C:\Tomcat 8.5\keytab.keytab
default_tkt_enctypes = rc4-hmac,aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha1-96
default_tgs_enctypes = rc4-hmac,aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha1-96
permitted_enctypes = rc4-hmac,aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha1-96
forwardable=true

[realms]
EXAMPLE.NET = {
kdc = example.net
default_domain = EXAMPLE.NET
}

[domain_realm]
EXAMPLE.NET = EXAMPLE.NET
.EXAMPLE.NET = EXAMPLE.NET

Comments
Post Details
Added on Jan 8 2023
1 comment
219 views