Troubleshooting HelloKDC.java

Common Exception Messages:

Checksum failed

* Check for a miss-typed password or wrong password.

Client not found in Kerberos database (6)

* Check for a miss-typed username or if username does not exist.

KDC has no support for encryption type (14)

* Check krb5.conf file to be sure valid encryption types have been specified.

Clients credentials have been revoked (18)

* Check if account is locked-out, expired, or disabled in Active Directory.

Pre-authentication information was invalid (24)

* Check for a miss-typed password or wrong password.

Cannot get kdc for realm

* Check [libdefaults] and [realms] section of krb5.conf for typos.

* In the example, ATHENA.LOCAL is both the name of the Domain and the name of the Realm.

The module name spnego-client was not found in the login file

* Check for typos in the login.conf file.

javax.security.auth.login.LoginException: null (68)

* Check [libdefaults] and [realms] section of krb5.conf for typos.

* In the example, ATHENA.LOCAL is both the name of the Domain and the name of the Realm.

Links:
pre-flight checklist
install guide - tomcat
install guide - jboss
install guide - glassfish
install guide - spring boot 2.x
install guide - spring boot 3.x
enable authZ with LDAP
get user group info from LDAP
reference docs
api docs
download

Troubleshooting:
HelloKDC.java
hello_spnego.jsp
HelloKeytab.java
hello_delegate.jsp
SpnegoHelloClient.java

Examples:
create keytab for client
create keytab for app server
credential delegation
protected SOAP Web Service
tomcat authenticator valve
jboss authenticator valve
authZ for standalone apps
protecting edit button on page

Licensing:
GNU LGPL