Troubleshooting HelloKDC.java

Common Exception Messages:

  • Checksum failed
  • Client not found in Kerberos database (6)
  • KDC has no support for encryption type (14)
  • Clients credentials have been revoked (18)
  • Pre-authentication information was invalid (24)
  • Cannot get kdc for realm
  • The module name spnego-client was not found in the login file
  • javax.security.auth.login.LoginException: null (68)
  • Checksum failed

    * Check for a miss-typed password or wrong password.

    Client not found in Kerberos database (6)

    * Check for a miss-typed username or if username does not exist.

    KDC has no support for encryption type (14)

    * Check krb5.conf file to be sure valid encryption types have been specified.

    Clients credentials have been revoked (18)

    * Check if account is locked-out, expired, or disabled in Active Directory.

    Pre-authentication information was invalid (24)

    * Check for a miss-typed password or wrong password.

    Cannot get kdc for realm

    * Check [libdefaults] and [realms] section of krb5.conf for typos.

    * In the example, ATHENA.LOCAL is both the name of the Domain and the name of the Realm.

    The module name spnego-client was not found in the login file

    * Check for typos in the login.conf file.

    javax.security.auth.login.LoginException: null (68)

    * Check [libdefaults] and [realms] section of krb5.conf for typos.

    * In the example, ATHENA.LOCAL is both the name of the Domain and the name of the Realm.

    Links:
    pre-flight checklist
    install guide - tomcat
    install guide - jboss
    install guide - glassfish
    reference docs
    api docs
    download

    Troubleshooting:
    HelloKDC.java
    hello_spnego.jsp
    HelloKeytab.java
    hello_delegate.jsp
    SpnegoHelloClient.java

    Examples:
    create keytab for client
    create keytab for app server
    credential delegation
    protected SOAP Web Service
    tomcat authenticator valve
    jboss authenticator valve

    Licensing:
    GNU LGPL


    © 2009 Darwin V. Felix. All rights reserved.