Active directory JBoss AS 7.1.1中的JBoss协商。通过AD的错误测试工具包
我正在测试jboss协商工具包,只能成功完成前两个步骤“基本协商”和“安全域测试”。最后一步,“安全”显示“无法验证:GSSExException:GSS-API级别未指定的故障(机制级别:指定的密钥版本不可用(44))”错误。我在谷歌上搜索了一下,但找不到有用的东西,我再次生成了“SecureKey”,错误依然存在Active directory JBoss AS 7.1.1中的JBoss协商。通过AD的错误测试工具包,active-directory,jboss7.x,single-sign-on,kerberos,spnego,Active Directory,Jboss7.x,Single Sign On,Kerberos,Spnego,我正在测试jboss协商工具包,只能成功完成前两个步骤“基本协商”和“安全域测试”。最后一步,“安全”显示“无法验证:GSSExException:GSS-API级别未指定的故障(机制级别:指定的密钥版本不可用(44))”错误。我在谷歌上搜索了一下,但找不到有用的东西,我再次生成了“SecureKey”,错误依然存在 1生成的SecureKey: Z:\>ktpass -princ mttsrvdc01/usuarioAD@domain.com -out C:\usuarioAD.mtt
1生成的SecureKey:
Z:\>ktpass -princ mttsrvdc01/usuarioAD@domain.com -out C:\usuarioAD.mttsrvdc01.keytab -pass 1234 -mapuser krypton\usuarioAD -crypto RC4-HMAC-NT -ptype KRB5_NT_PRINCIPAL
Targeting domain controller: mttsrvdc01.domain.com
Using legacy password setting method
WARNING: realm "domain.com" has lowercase characters in it.
We only currently support realms in UPPERCASE.
assuming you mean "DOMAIN.COM"...
Successfully mapped mttsrvdc01/usuarioAD to usuarioAD.
Key created.
Output keytab to C:\usuarioAD.mttsrvdc01.keytab:
Keytab version: 0x502
keysize 83 mttsrvdc01/usuarioAD@domain.com ptype 1 (KRB5_NT_PRI
NCIPAL) vno 6 etype 0x17 (RC4-HMAC) keylength 16 (0x13c61e319351b92678bef514728d
011b)
Z:\>setspn.exe -l usuarioAD
Registered ServicePrincipalNames for [XYZ]:
mttsrvdc01/usuarioAD
15:46:35,722 INFO [stdout] (http--0.0.0.0-8081-1) Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt true ticketCache is null isInitiator true KeyTab is C:\usuarioAD.mttsrvdc01.keytab refreshKrb5Config is false principal is mttsrvdc01/usuarioAD@DOMAIN.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
15:46:35,733 INFO [stdout] (http--0.0.0.0-8081-1) principal is mttsrvdc01/usuarioAD@DOMAIN.COM
15:46:35,734 INFO [stdout] (http--0.0.0.0-8081-1) Will use keytab
15:46:35,736 INFO [stdout] (http--0.0.0.0-8081-1) Commit Succeeded
15:46:35,737 INFO [stdout] (http--0.0.0.0-8081-1)
15:46:35,759 INFO [stdout] (http--0.0.0.0-8081-1) [Krb5LoginModule]: Entering logout
15:46:35,760 INFO [stdout] (http--0.0.0.0-8081-1) [Krb5LoginModule]: logged out Subject
15:46:35,761 ERROR [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] (http--0.0.0.0-8081-1) Unable to authenticate: GSSException: Failure unspecified at GSS-API level (Mechanism level: Specified version of key is not available (44))
at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:788) [rt.jar:1.7.0_60]
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:342) [rt.jar:1.7.0_60]
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:285) [rt.jar:1.7.0_60]
at org.jboss.security.negotiation.spnego.SPNEGOLoginModule$AcceptSecContext.run(SPNEGOLoginModule.java:396) [jboss-negotiation-spnego-2.2.0.SP1.jar:2.2.0.SP1]
at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_60]
at javax.security.auth.Subject.doAs(Subject.java:356) [rt.jar:1.7.0_60]
at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.spnegoLogin(SPNEGOLoginModule.java:237) [jboss-negotiation-spnego-2.2.0.SP1.jar:2.2.0.SP1]
at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.innerLogin(SPNEGOLoginModule.java:194) [jboss-negotiation-spnego-2.2.0.SP1.jar:2.2.0.SP1]
at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:137) [jboss-negotiation-spnego-2.2.0.SP1.jar:2.2.0.SP1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_60]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_60]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_60]
at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:762) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688) [rt.jar:1.7.0_60]
at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext.login(LoginContext.java:595) [rt.jar:1.7.0_60]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:214) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.security.negotiation.NegotiationAuthenticator.authenticate(NegotiationAuthenticator.java:187) [jboss-negotiation-common-2.2.0.SP1.jar:2.2.0.SP1]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:455) [jbossweb-7.0.13.Final.jar:]
at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_60]
Caused by: KrbException: Specified version of key is not available (44)
at sun.security.krb5.EncryptionKey.findKey(EncryptionKey.java:588) [rt.jar:1.7.0_60]
at sun.security.krb5.KrbApReq.authenticate(KrbApReq.java:270) [rt.jar:1.7.0_60]
at sun.security.krb5.KrbApReq.<init>(KrbApReq.java:144) [rt.jar:1.7.0_60]
at sun.security.jgss.krb5.InitSecContextToken.<init>(InitSecContextToken.java:108) [rt.jar:1.7.0_60]
at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:771) [rt.jar:1.7.0_60]
... 35 more
15:46:35,827 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--0.0.0.0-8081-1) Login failure: javax.security.auth.login.LoginException: Unable to authenticate - Failure unspecified at GSS-API level (Mechanism level: Specified version of key is not available (44))
at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:163) [jboss-negotiation-spnego-2.2.0.SP1.jar:2.2.0.SP1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_60]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_60]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_60]
at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:762) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688) [rt.jar:1.7.0_60]
at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext.login(LoginContext.java:595) [rt.jar:1.7.0_60]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:214) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.security.negotiation.NegotiationAuthenticator.authenticate(NegotiationAuthenticator.java:187) [jboss-negotiation-common-2.2.0.SP1.jar:2.2.0.SP1]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:455) [jbossweb-7.0.13.Final.jar:]
at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_60]
15:46:35722信息[stdout](http--0.0.0.0-8081-1)Debug为true storeKey true useTicketCache false useTicketCache true doNotPrompt true ticketCache为null isInitiator true KeyTab为C:\Usarioad.mttsrvdc01.KeyTab refreshKrb5Config为false主体为mttsrvdc01/usuarioAD@DOMAIN.COMtryFirstPass为假useFirstPass为假storePass为假clearPass为假
15:46:35733信息[stdout](http--0.0.0.0-8081-1)主体是mttsrvdc01/usuarioAD@DOMAIN.COM
15:46:35734信息[stdout](http--0.0.0.0-8081-1)将使用keytab
15:46:35736信息[stdout](http--0.0.0.0-8081-1)提交成功
15:46:35737信息[标准输出](http--0.0.0.0-8081-1)
15:46:35759信息[stdout](http--0.0.0.0-8081-1)[Krb5LoginModule]:正在输入注销
15:46:35760信息[stdout](http--0.0.0.0-8081-1)[Krb5LoginModule]:注销主题
15:46:35761错误[org.jboss.security.negotiation.spnego.SPNEGOLoginModule](http--0.0.0-8081-1)无法进行身份验证:GSSExException:在GSS-API级别未指定失败(机制级别:指定的密钥版本不可用(44))
在sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:788)[rt.jar:1.7.060]
在sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:342)[rt.jar:1.7.060]
位于sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:285)[rt.jar:1.7.060]
在org.jboss.security.negotiation.spnego.SPNEGOLoginModule$AcceptSecContext.run(SPNEGOLoginModule.java:396)[jboss-negotiation-spnego-2.2.0.SP1.jar:2.2.0.SP1]
位于java.security.AccessController.doPrivileged(本机方法)[rt.jar:1.7.060]
位于javax.security.auth.Subject.doAs(Subject.java:356)[rt.jar:1.7.060]
在org.jboss.security.negotiation.spnego.SPNEGOLoginModule.spnegoLogin(SPNEGOLoginModule.java:237)[jboss-negotiation-spnego-2.2.0.SP1.jar:2.2.0.SP1]
在org.jboss.security.negotiation.spnego.SPNEGOLoginModule.innerLogin(SPNEGOLoginModule.java:194)[jboss-negotiation-spnego-2.2.0.SP1.jar:2.2.0.SP1]
在org.jboss.security.negotiation.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:137)[jboss-negotiation-spnego-2.2.0.SP1.jar:2.2.0.SP1]
在sun.reflect.NativeMethodAccessorImpl.invoke0(本机方法)[rt.jar:1.7.0\u 60]
在sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)[rt.jar:1.7.060]
在sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)[rt.jar:1.7.060]
在java.lang.reflect.Method.invoke(Method.java:606)[rt.jar:1.7.0\u 60]
在javax.security.auth.login.LoginContext.invoke(LoginContext.java:762)[rt.jar:1.7.0\u 60]
在javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)[rt.jar:1.7.0\u 60]
在javax.security.auth.login.LoginContext$4.run(LoginContext.java:690)[rt.jar:1.7.0_60]
在javax.security.auth.login.LoginContext$4.run(LoginContext.java:688)[rt.jar:1.7.0_60]
位于java.security.AccessController.doPrivileged(本机方法)[rt.jar:1.7.060]
在javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687)[rt.jar:1.7.0\u 60]
在javax.security.auth.login.LoginContext.login(LoginContext.java:595)[rt.jar:1.7.0\u 60]
在org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449)[picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
在org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383)[picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
在org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371)[picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
位于org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160)[picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
在org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:214)[jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
在org.jboss.security.negotiation.NegotiationAuthenticator.authenticate(NegotiationAuthenticator.java:187)[jboss-negotiation-common-2.2.0.SP1.jar:2.2.0.SP1]
在org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:455)[jbossweb-7.0.13.Final.jar:]
在org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153)[jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
在org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)[jbossweb-7.0.13.Final.jar:]
在org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)[jbossweb-7.0.13.Final.jar:]
在org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)[jbossweb-7.0.13.Final.jar:]
在org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368)[jbossweb-7.0.13.Final.jar:]
在org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877)[jbossweb-7.0.13.Final.jar:]
位于org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671)[jbossweb-7.0.13.Final.jar:]
在org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930)[jbossweb-7.0.13.Final.jar:]
在java.lang.Thread.run(Thread.jav
NEGOTIATION TOOLKIT
• Basic Negotiation
WWW-Authenticate - Negotiate YHkGBisGAQUFAqBvMG2gMDAuBgorBgEEAYI3AgIKBgkqhkiC9xIBAgIGCSqGSIb3EgECAgYKKwYBBAGCNwICHqI5BDdOVExNU1NQAAEAAACXsgjiBwAHADAAAAAIAAgAKAAAAAYBsR0AAAAPTVRUREVWNTVLUllQVE9O
• NegTokenInit
Message Oid - SPNEGO
Mech Types - {NTLM} {Kerberos V5 Legacy} {Kerberos V5} {1.3.6.1.4.1.311.2.2.30}
Req Flags -
Mech Token -TlRMTVNTUAABAAAAl7II4gcABwAwAAAACAAIACgAAAAGAbEdAAAAD01UVERFVjU1S1JZUFRPTg==
Mech List Mic -
NEGOTIATION TOOLKIT
• Security Domain Test
Testing security-domain 'host'
Authenticated
Assunto:
Principal: mttsrvdc01/usuarioAD@DOMAIN.COM
Credencial Privada: Ticket (hex) =
0000: 61 82 01 35 30 82 01 31 A0 03 02 01 05 A1 19 1B a..50..1........
0010: 17 4B 52 59 50 54 4F 4E 2E 4D 45 54 41 54 52 4F .DOMAIN.........
0020: 4E 2E 43 4F 4D 2E 42 52 A2 2C 30 2A A0 03 02 01 .COM.BR.,0*.....
0030: 02 A1 23 30 21 1B 06 6B 72 62 74 67 74 1B 17 4B ..#0!..krbtgt..D
0040: 52 59 50 54 4F 4E 2E 4D 45 54 41 54 52 4F 4E 2E OMAIN.COM.......
0050: 43 4F 4D 2E 42 52 A3 81 E0 30 81 DD A0 03 02 01 COM.BR...0......
0060: 17 A1 03 02 01 02 A2 81 D0 04 81 CD 91 C5 8C 7A ...............z
0070: 6E F7 2A 44 33 62 43 CB 96 E1 F2 BC 39 B9 C8 92 n.*D3bC.....9...
0080: DB BA 0E D5 5D FA B4 E4 AA 08 13 D2 7E 2F BE 02 ....]......../..
0090: 43 FC 02 86 C7 BE F6 D6 58 B6 6A 3B A3 B7 F2 1C C.......X.j;....
00A0: 15 33 9A C0 20 BB 4D 77 E0 95 17 26 73 0C CA 5C .3.. .Mw...&s..\
00B0: B7 A5 47 DC 5A 49 25 D6 4F 52 79 1D 74 BC E3 BD ..G.ZI%.ORy.t...
00C0: 8C A8 A0 0B 05 74 F3 61 B7 6C 17 29 DC D1 F6 0B .....t.a.l.)....
00D0: 03 15 16 08 D7 22 5F 8A BC 5B E2 A3 48 58 7B 01 ....."_..[..HX..
00E0: CA 67 27 DF 5C 0C D1 E2 19 67 A7 EC D3 70 CD 94 .g'.\....g...p..
00F0: 97 BE 47 B4 F8 2E 50 5C E0 F7 21 3A 17 D7 F0 25 ..G...P\..!:...%
0100: D7 0F B0 23 F2 E4 94 2C CF E0 D5 5F B2 CA 1E 5B ...#...,..._...[
0110: C0 0D 83 57 70 C8 43 FF 90 F9 33 1F 96 ED A5 99 ...Wp.C...3.....
0120: F1 7F C9 D1 9B 28 C6 50 42 6C 36 F5 4C 41 35 19 .....(.PBl6.LA5.
0130: 7E 73 7A 26 56 71 20 8D 79 .sz&Vq .y
Client Principal = mttsrvdc01/usuarioAD@DOMAIN.COM
Server Principal = krbtgt/DOMAIN.COM@DOMAIN.COM
Session Key = EncryptionKey: keyType=23 keyBytes (hex dump)=
0000: 60 46 45 1C F8 FD 44 26 50 B7 40 42 F1 06 A3 2E `FE...D&P.@B....
Forwardable Ticket false
Forwarded Ticket false
Proxiable Ticket false
Proxy Ticket false
Postdated Ticket false
Renewable Ticket false
Initial Ticket false
Auth Time = Thu Sep 04 15:46:17 BRT 2014
Start Time = Thu Sep 04 15:46:17 BRT 2014
End Time = Fri Sep 05 01:46:17 BRT 2014
Renew Till = null
Client Addresses Null
Credencial Privada: C:\usuarioAD.mttsrvdc01.keytab
Credencial Privada: Kerberos Principal mttsrvdc01/usuarioAD@DOMAIN.COMKey Version 6key EncryptionKey: keyType=23 keyBytes (hex dump)=
0000: 13 C6 1E 31 93 51 B9 26 78 BE F5 14 72 8D 01 1B ...1.Q.&x...r...
15:46:35,722 INFO [stdout] (http--0.0.0.0-8081-1) Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt true ticketCache is null isInitiator true KeyTab is C:\usuarioAD.mttsrvdc01.keytab refreshKrb5Config is false principal is mttsrvdc01/usuarioAD@DOMAIN.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
15:46:35,733 INFO [stdout] (http--0.0.0.0-8081-1) principal is mttsrvdc01/usuarioAD@DOMAIN.COM
15:46:35,734 INFO [stdout] (http--0.0.0.0-8081-1) Will use keytab
15:46:35,736 INFO [stdout] (http--0.0.0.0-8081-1) Commit Succeeded
15:46:35,737 INFO [stdout] (http--0.0.0.0-8081-1)
15:46:35,759 INFO [stdout] (http--0.0.0.0-8081-1) [Krb5LoginModule]: Entering logout
15:46:35,760 INFO [stdout] (http--0.0.0.0-8081-1) [Krb5LoginModule]: logged out Subject
15:46:35,761 ERROR [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] (http--0.0.0.0-8081-1) Unable to authenticate: GSSException: Failure unspecified at GSS-API level (Mechanism level: Specified version of key is not available (44))
at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:788) [rt.jar:1.7.0_60]
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:342) [rt.jar:1.7.0_60]
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:285) [rt.jar:1.7.0_60]
at org.jboss.security.negotiation.spnego.SPNEGOLoginModule$AcceptSecContext.run(SPNEGOLoginModule.java:396) [jboss-negotiation-spnego-2.2.0.SP1.jar:2.2.0.SP1]
at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_60]
at javax.security.auth.Subject.doAs(Subject.java:356) [rt.jar:1.7.0_60]
at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.spnegoLogin(SPNEGOLoginModule.java:237) [jboss-negotiation-spnego-2.2.0.SP1.jar:2.2.0.SP1]
at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.innerLogin(SPNEGOLoginModule.java:194) [jboss-negotiation-spnego-2.2.0.SP1.jar:2.2.0.SP1]
at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:137) [jboss-negotiation-spnego-2.2.0.SP1.jar:2.2.0.SP1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_60]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_60]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_60]
at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:762) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688) [rt.jar:1.7.0_60]
at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext.login(LoginContext.java:595) [rt.jar:1.7.0_60]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:214) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.security.negotiation.NegotiationAuthenticator.authenticate(NegotiationAuthenticator.java:187) [jboss-negotiation-common-2.2.0.SP1.jar:2.2.0.SP1]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:455) [jbossweb-7.0.13.Final.jar:]
at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_60]
Caused by: KrbException: Specified version of key is not available (44)
at sun.security.krb5.EncryptionKey.findKey(EncryptionKey.java:588) [rt.jar:1.7.0_60]
at sun.security.krb5.KrbApReq.authenticate(KrbApReq.java:270) [rt.jar:1.7.0_60]
at sun.security.krb5.KrbApReq.<init>(KrbApReq.java:144) [rt.jar:1.7.0_60]
at sun.security.jgss.krb5.InitSecContextToken.<init>(InitSecContextToken.java:108) [rt.jar:1.7.0_60]
at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:771) [rt.jar:1.7.0_60]
... 35 more
15:46:35,827 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--0.0.0.0-8081-1) Login failure: javax.security.auth.login.LoginException: Unable to authenticate - Failure unspecified at GSS-API level (Mechanism level: Specified version of key is not available (44))
at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:163) [jboss-negotiation-spnego-2.2.0.SP1.jar:2.2.0.SP1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_60]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_60]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_60]
at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:762) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688) [rt.jar:1.7.0_60]
at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687) [rt.jar:1.7.0_60]
at javax.security.auth.login.LoginContext.login(LoginContext.java:595) [rt.jar:1.7.0_60]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:214) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.security.negotiation.NegotiationAuthenticator.authenticate(NegotiationAuthenticator.java:187) [jboss-negotiation-common-2.2.0.SP1.jar:2.2.0.SP1]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:455) [jbossweb-7.0.13.Final.jar:]
at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_60]