Fatal编程技术网
  • java/
  • Java Spring安全性/SPNEGO身份验证问题:校验和失败

Java Spring安全性/SPNEGO身份验证问题:校验和失败

java spring authentication spring-security

Java Spring安全性/SPNEGO身份验证问题:校验和失败,java,spring,authentication,spring-security,spnego,Java,Spring,Authentication,Spring Security,Spnego,对于一个Java项目,我使用SPNEGO的Spring安全性进行身份验证。 我遵循了链接中所示的每一步,但是,当我尝试从不同于服务器的机器上使用IE进行身份验证时,我得到以下错误: 协商头无效:协商YIGEGYRBGEEFBQKGZMWGZCGGJAYBGORBGGEEAYI3AGEIBGORBGGEEAYI3AGIKONIEC5FR09FWFRTAAAAAAAAAAAAAAAABGAAAAAAAAAAAEAEU8IH+9PA/YKFHFFOL0FCG4PSIUY/1UVD6RSRMHDT1GW

对于一个Java项目,我使用SPNEGO的Spring安全性进行身份验证。 我遵循了链接中所示的每一步,但是,当我尝试从不同于服务器的机器上使用IE进行身份验证时,我得到以下错误:

协商头无效:协商YIGEGYRBGEEFBQKGZMWGZCGGJAYBGORBGGEEAYI3AGEIBGORBGGEEAYI3AGIKONIEC5FR09FWFRTAAAAAAAAAAAAAAAABGAAAAAAAAAAAEAEU8IH+9PA/YKFHFFOL0FCG4PSIUY/1UVD6RSRMHDT1GWYKR7WYKR7WJ+/Z5C7XHVZPTNGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYYYYYYYYR9KQQQA6BEPO=:org验证未成功原因:java.security.GeneralSecurityException:校验和失败

以下是我的applicationContext-security.xml:

<http entry-point-ref="spnegoEntryPoint" use-expressions="true">
<intercept-url pattern="/**" access="isAuthenticated()"/>
<intercept-url pattern="/report" filters="none"/>
<custom-filter ref="spnegoAuthenticationProcessingFilter" position="BASIC_AUTH_FILTER"/>
<intercept-url pattern="/css/**" filters="none"/>
<intercept-url pattern="/resources/**" filters="none"/>
<intercept-url pattern="/js/**" filters="none"/>
<form-login login-page="/login" default-target-url="/report" authentication-failure-url="/accessDenied"/>
<logout logout-url=""/>
</http>
<beans:bean id="spnegoEntryPoint" class="org.springframework.security.extensions.kerberos.web.SpnegoEntryPoint"/>
<beans:bean id="spnegoAuthenticationProcessingFilter" class="org.springframework.security.extensions.kerberos.web.SpnegoAuthenticationProcessingFilter">
<beans:property name="authenticationManager" ref="authenticationManager"/>
</beans:bean>
<authentication-manager alias="authenticationManager">
<authentication-provider ref="kerberosServiceAuthenticationProvider"/>
<authentication-provider ref="kerberosAuthenticationProvider" /> 
</authentication-manager>
<beans:bean id="kerberosServiceAuthenticationProvider" class="org.springframework.security.extensions.kerberos.KerberosServiceAuthenticationProvider">
<beans:property name="ticketValidator">
<beans:bean class="org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator">
<beans:property name="servicePrincipal" value="HTTP/web.team.it@team.it/>


添加到您的krb5.conf
默认类型=aes256-cts-hmac-sha1-96
默认类型=aes256-cts-hmac-sha1-96