2016-03-29 36 views
0

WildFly 10 running on Windows with Kerberos authentication

I need to configure WildFly 10 to support SSO against Microsoft Active Directory. The server runs on Windows Server 2012 R2.

I have tried various configurations and recommendations found via Google.

Every time I get

PBOX00206: Login failure: javax.security.auth.login.LoginException: Continuation Required.

This may not be an error, since it only shows up when DEBUG is enabled.

The web browser gets 401 - Unauthorized.

I'm stuck.

Do you have any idea what is wrong or what I can do now?


standalone.xml (parts only)

<system-properties> 
    <property name="jboss.security.disable.secdomain.option" value="true" /> 
    <property name="sun.security.krb5.debug" value="true" /> 
    <property name="java.security.krb5.kdc" value="dns.xxx.cz" /> 
    <property name="java.security.krb5.realm" value="XXX.CZ" /> 
    <property name="java.security.krb5.conf" value="d:\\krb5.conf" /> 
</system-properties> 

<security-domain name="host" cache-type="default">
    <authentication>
        <login-module code="Kerberos" flag="required">
            <module-option name="debug" value="true"/>
            <module-option name="storeKey" value="true"/>
            <module-option name="refreshKrb5Config" value="true"/>
            <module-option name="useKeyTab" value="true"/>
            <module-option name="doNotPrompt" value="true"/>
            <module-option name="keytab" value="d:\\web.keytab"/>
            <module-option name="principal" value="HTTP/[email protected]"/>
        </login-module>
    </authentication>
</security-domain>

<security-domain name="SPNEGO" cache-type="default">
    <authentication>
        <login-module code="SPNEGOUsers" flag="required">
            <module-option name="password-stacking" value="useFirstPass"/>
            <module-option name="serverSecurityDomain" value="host"/>
        </login-module>
        <login-module code="AdvancedLdap" flag="requisite">
            <module-option name="jaasSecurityDomain" value="host"/>
            <module-option name="password-stacking" value="useFirstPass"/>
            <module-option name="java.naming.security.authentication" value="simple"/>
            <module-option name="java.naming.provider.url" value="ldap://192.168.1.1:3268"/>
            <module-option name="bindDN" value="CN=svc,DC=xxx,DC=cz"/>
            <module-option name="bindCredential" value="password"/>
            <module-option name="baseCtxDN" value="DC=xxx,DC=cz"/>
            <module-option name="baseFilter" value="(userPrincipalName={0})"/>
            <module-option name="rolesCtxDN" value="DC=xxx,DC=cz"/>
            <module-option name="roleAttributeIsDN" value="true"/>
            <module-option name="roleAttributeID" value="memberOf"/>
            <module-option name="roleNameAttributeID" value="cn"/>
            <module-option name="recurseRoles" value="true"/>
            <module-option name="allowEmptyPassword" value="false"/>
        </login-module>
    </authentication>
</security-domain>

WildFly output

2016-03-29 13:51:26,011 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (default task-4) removeRealmFromPrincipal=false 
2016-03-29 13:51:26,026 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (default task-4) serverSecurityDomain=host 
2016-03-29 13:51:26,026 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (default task-4) usernamePasswordDomain=null 
2016-03-29 13:51:26,026 INFO [stdout] (default task-4) Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt true ticketCache is null isInitiator true KeyTab is null refreshKrb5Config is false principal is HTTP/[email protected] tryFirstPass is false useFirstPass is false storePass is false clearPass is false 
2016-03-29 13:51:26,026 INFO [stdout] (default task-4) Java config name: d:\\krb5.conf 
2016-03-29 13:51:26,026 INFO [stdout] (default task-4) Loaded from Java config 
2016-03-29 13:51:26,026 INFO [stdout] (default task-4) >>> KeyTabInputStream, readName(): xxx.CZ 
2016-03-29 13:51:26,026 INFO [stdout] (default task-4) >>> KeyTabInputStream, readName(): HTTP 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) >>> KeyTabInputStream, readName(): server.xxx.cz 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) >>> KeyTab: load() entry length: 55; type: 1 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) >>> KeyTabInputStream, readName(): xxx.CZ 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) >>> KeyTabInputStream, readName(): HTTP 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) >>> KeyTabInputStream, readName(): server.xxx.cz 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) >>> KeyTab: load() entry length: 55; type: 3 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) >>> KeyTabInputStream, readName(): xxx.CZ 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) >>> KeyTabInputStream, readName(): HTTP 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) >>> KeyTabInputStream, readName(): server.xxx.cz 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) >>> KeyTab: load() entry length: 63; type: 23 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) >>> KeyTabInputStream, readName(): xxx.CZ 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) >>> KeyTabInputStream, readName(): HTTP 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) >>> KeyTabInputStream, readName(): server.xxx.cz 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) >>> KeyTab: load() entry length: 79; type: 18 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) >>> KeyTabInputStream, readName(): xxx.CZ 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) >>> KeyTabInputStream, readName(): HTTP 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) >>> KeyTabInputStream, readName(): server.xxx.cz 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) >>> KeyTab: load() entry length: 63; type: 17 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) Looking for keys for: HTTP/[email protected] 
2016-03-29 13:51:26,042 INFO [stdout] (default task-4) Added key: 17version: 4 
2016-03-29 13:51:26,058 INFO [stdout] (default task-4) Added key: 18version: 4 
2016-03-29 13:51:26,058 INFO [stdout] (default task-4) Added key: 23version: 4 
2016-03-29 13:51:26,058 INFO [stdout] (default task-4) Found unsupported keytype (3) for HTTP/[email protected] 
2016-03-29 13:51:26,058 INFO [stdout] (default task-4) Found unsupported keytype (1) for HTTP/[email protected] 
2016-03-29 13:51:26,058 INFO [stdout] (default task-4) >>> KdcAccessibility: reset 
2016-03-29 13:51:26,058 INFO [stdout] (default task-4) Looking for keys for: HTTP/[email protected] 
2016-03-29 13:51:26,058 INFO [stdout] (default task-4) Added key: 17version: 4 
2016-03-29 13:51:26,058 INFO [stdout] (default task-4) Added key: 18version: 4 
2016-03-29 13:51:26,058 INFO [stdout] (default task-4) Added key: 23version: 4 
2016-03-29 13:51:26,058 INFO [stdout] (default task-4) Found unsupported keytype (3) for HTTP/[email protected] 
2016-03-29 13:51:26,058 INFO [stdout] (default task-4) Found unsupported keytype (1) for HTTP/[email protected] 
2016-03-29 13:51:26,058 INFO [stdout] (default task-4) default etypes for default_tkt_enctypes: 23 18 17 16. 
2016-03-29 13:51:26,058 INFO [stdout] (default task-4) >>> KrbAsReq creating message 
2016-03-29 13:51:26,073 INFO [stdout] (default task-4) >>> KrbKdcReq send: kdc=adsrv.xxx.cz UDP:88, timeout=30000, number of retries =3, #bytes=145 
2016-03-29 13:51:26,073 INFO [stdout] (default task-4) >>> KDCCommunication: kdc=adsrv.xxx.cz UDP:88, timeout=30000,Attempt =1, #bytes=145 
2016-03-29 13:51:26,073 INFO [stdout] (default task-4) >>> KrbKdcReq send: #bytes read=182 
2016-03-29 13:51:26,073 INFO [stdout] (default task-4) >>>Pre-Authentication Data: 
2016-03-29 13:51:26,073 INFO [stdout] (default task-4)  PA-DATA type = 19 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4)  PA-ETYPE-INFO2 etype = 18, salt = XXX.CZHTTPserver.xxx.cz, s2kparams = null 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4)  PA-ETYPE-INFO2 etype = 23, salt = null, s2kparams = null 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4) 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4) >>>Pre-Authentication Data: 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4)  PA-DATA type = 2 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4)  PA-ENC-TIMESTAMP 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4) >>>Pre-Authentication Data: 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4)  PA-DATA type = 16 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4) 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4) >>>Pre-Authentication Data: 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4)  PA-DATA type = 15 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4) 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4) >>> KdcAccessibility: remove adsrv.xxx.cz 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4) >>> KDCRep: init() encoding tag is 126 req type is 11 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4) >>>KRBError: 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4)  sTime is Tue Mar 29 13:51:26 CEST 2016 1459252286000 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4)  suSec is 834289 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4)  error code is 25 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4)  error Message is Additional pre-authentication required 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4)  sname is krbtgt/[email protected] 
2016-03-29 13:51:26,089 INFO [stdout] (default task-4)  eData provided. 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4)  msgType is 30 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4) >>>Pre-Authentication Data: 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4)  PA-DATA type = 19 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4)  PA-ETYPE-INFO2 etype = 18, salt = XXX.CZHTTPserver.xxx.cz, s2kparams = null 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4)  PA-ETYPE-INFO2 etype = 23, salt = null, s2kparams = null 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4) 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4) >>>Pre-Authentication Data: 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4)  PA-DATA type = 2 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4)  PA-ENC-TIMESTAMP 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4) >>>Pre-Authentication Data: 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4)  PA-DATA type = 16 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4) 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4) >>>Pre-Authentication Data: 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4)  PA-DATA type = 15 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4) 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4) KrbAsReqBuilder: PREAUTH FAILED/REQ, re-send AS-REQ 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4) default etypes for default_tkt_enctypes: 23 18 17 16. 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4) Looking for keys for: HTTP/[email protected] 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4) Added key: 17version: 4 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4) Added key: 18version: 4 
2016-03-29 13:51:26,105 INFO [stdout] (default task-4) Added key: 23version: 4 
2016-03-29 13:51:26,120 INFO [stdout] (default task-4) Found unsupported keytype (3) for HTTP/[email protected] 
2016-03-29 13:51:26,120 INFO [stdout] (default task-4) Found unsupported keytype (1) for HTTP/[email protected] 
2016-03-29 13:51:26,120 INFO [stdout] (default task-4) Looking for keys for: HTTP/[email protected] 
2016-03-29 13:51:26,120 INFO [stdout] (default task-4) Added key: 17version: 4 
2016-03-29 13:51:26,120 INFO [stdout] (default task-4) Added key: 18version: 4 
2016-03-29 13:51:26,120 INFO [stdout] (default task-4) Added key: 23version: 4 
2016-03-29 13:51:26,120 INFO [stdout] (default task-4) Found unsupported keytype (3) for HTTP/[email protected] 
2016-03-29 13:51:26,120 INFO [stdout] (default task-4) Found unsupported keytype (1) for HTTP/[email protected] 
2016-03-29 13:51:26,120 INFO [stdout] (default task-4) default etypes for default_tkt_enctypes: 23 18 17 16. 
2016-03-29 13:51:26,120 INFO [stdout] (default task-4) >>> EType: sun.security.krb5.internal.crypto.Aes256CtsHmacSha1EType 
2016-03-29 13:51:26,120 INFO [stdout] (default task-4) >>> KrbAsReq creating message 
2016-03-29 13:51:26,120 INFO [stdout] (default task-4) >>> KrbKdcReq send: kdc=adsrv.xxx.cz UDP:88, timeout=30000, number of retries =3, #bytes=232 
2016-03-29 13:51:26,120 INFO [stdout] (default task-4) >>> KDCCommunication: kdc=adsrv.xxx.cz UDP:88, timeout=30000,Attempt =1, #bytes=232 
2016-03-29 13:51:26,136 INFO [stdout] (default task-4) >>> KrbKdcReq send: #bytes read=84 
2016-03-29 13:51:26,136 INFO [stdout] (default task-4) >>> KrbKdcReq send: kdc=adsrv.xxx.cz TCP:88, timeout=30000, number of retries =3, #bytes=232 
2016-03-29 13:51:26,136 INFO [stdout] (default task-4) >>> KDCCommunication: kdc=adsrv.xxx.cz TCP:88, timeout=30000,Attempt =1, #bytes=232 
2016-03-29 13:51:26,151 INFO [stdout] (default task-4) >>>DEBUG: TCPClient reading 1478 bytes 
2016-03-29 13:51:26,151 INFO [stdout] (default task-4) >>> KrbKdcReq send: #bytes read=1478 
2016-03-29 13:51:26,151 INFO [stdout] (default task-4) >>> KdcAccessibility: remove adsrv.xxx.cz 
2016-03-29 13:51:26,151 INFO [stdout] (default task-4) Looking for keys for: HTTP/[email protected] 
2016-03-29 13:51:26,151 INFO [stdout] (default task-4) Added key: 17version: 4 
2016-03-29 13:51:26,151 INFO [stdout] (default task-4) Added key: 18version: 4 
2016-03-29 13:51:26,151 INFO [stdout] (default task-4) Added key: 23version: 4 
2016-03-29 13:51:26,151 INFO [stdout] (default task-4) Found unsupported keytype (3) for HTTP/[email protected] 
2016-03-29 13:51:26,151 INFO [stdout] (default task-4) Found unsupported keytype (1) for HTTP/[email protected] 
2016-03-29 13:51:26,151 INFO [stdout] (default task-4) >>> EType: sun.security.krb5.internal.crypto.Aes256CtsHmacSha1EType 
2016-03-29 13:51:26,151 INFO [stdout] (default task-4) >>> KrbAsRep cons in KrbAsReq.getReply HTTP/server.xxx.cz 
2016-03-29 13:51:26,151 INFO [stdout] (default task-4) principal is HTTP/[email protected] 
2016-03-29 13:51:26,151 INFO [stdout] (default task-4) Will use keytab 
2016-03-29 13:51:26,151 INFO [stdout] (default task-4) Commit Succeeded 
2016-03-29 13:51:26,167 INFO [stdout] (default task-4) 
2016-03-29 13:51:26,167 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (default task-4) Subject = Subject: 
    Principal: HTTP/[email protected] 
    Private Credential: Ticket (hex) = 

Client Principal = HTTP/[email protected] 
Server Principal = krbtgt/[email protected] 
Session Key = EncryptionKey: keyType=23 keyBytes (hex dump)= 
0000: 10 A6 39 17 84 65 5E 8C 5B 39 22 E4 2A 9E 95 97 ..9..e^.[9".*... 


Forwardable Ticket false 
Forwarded Ticket false 
Proxiable Ticket false 
Proxy Ticket false 
Postdated Ticket false 
Renewable Ticket false 
Initial Ticket false 
Auth Time = Tue Mar 29 13:51:26 CEST 2016 
Start Time = Tue Mar 29 13:51:26 CEST 2016 
End Time = Tue Mar 29 23:51:26 CEST 2016 
Renew Till = null 
Client Addresses Null 
    Private Credential: Default keytab for HTTP/[email protected] 

2016-03-29 13:51:26,198 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (default task-4) Logged in 'host' LoginContext 
2016-03-29 13:51:26,198 INFO [stdout] (default task-4)  [Krb5LoginModule]: Entering logout 
2016-03-29 13:51:26,198 INFO [stdout] (default task-4)  [Krb5LoginModule]: logged out Subject 
2016-03-29 13:51:26,198 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (default task-4) NegotiationContext.setContinuationRequired(true) 
2016-03-29 13:51:26,214 DEBUG [org.jboss.security] (default task-4) PBOX00206: Login failure: javax.security.auth.login.LoginException: Continuation Required. 
    at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:192) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:498) 
    at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755) 
    at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) 
    at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) 
    at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) 
    at java.security.AccessController.doPrivileged(Native Method) 
    at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) 
    at javax.security.auth.login.LoginContext.login(LoginContext.java:587) 
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:406) 
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:345) 
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:333) 
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:146) 
    at org.wildfly.extension.undertow.security.JAASIdentityManagerImpl.verifyCredential(JAASIdentityManagerImpl.java:123) 
    at org.wildfly.extension.undertow.security.JAASIdentityManagerImpl.verify(JAASIdentityManagerImpl.java:96) 
    at org.jboss.security.negotiation.NegotiationMechanism.authenticate(NegotiationMechanism.java:99) 
    at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:233) 
    at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:250) 
    at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:219) 
    at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:121) 
    at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:96) 
    at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:89) 
    at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55) 
    at io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33) 
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) 
    at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51) 
    at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) 
    at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) 
    at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56) 
    at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) 
    at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) 
    at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) 
    at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) 
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) 
    at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) 
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) 
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) 
    at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284) 
    at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263) 
    at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) 
    at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174) 
    at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) 
    at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793) 
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 
    at java.lang.Thread.run(Thread.java:745) 

2016-03-29 13:51:26,625 TRACE [org.jboss.security] (default task-3) PBOX00201: End isValid, result = false 
2016-03-29 13:51:26,625 TRACE [org.jboss.security.negotiation.common.NegotiationContext] (default task-3) clear 35ec8348 
2016-03-29 13:51:26,641 TRACE [org.jboss.security] (default task-3) PBOX00354: Setting security roles ThreadLocal: null 
+0

Hello Vlada, I am trying to achieve what you did here and I would be glad if you could send the links to what you did to get this working. – Nico

Answer

0

I confirm that with the latest jboss-negotiation module (version 3.0.3) and WildFly 10.0.0, Kerberos authentication can be used. The "Continuation Required" exception is still thrown, but it is masked in the log (unless the log category org.jboss.security is set to DEBUG). I did some tests with WildFly 10.1.0 and confirm that Kerberos authentication works there out of the box (it ships with jboss-negotiation module 3.0.2), but it is better to patch in jboss-negotiation 3.0.3 if you use LDAP for role mapping (because of the LDAP bug fixes in that version).
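As an added example (not code from the question, the answer, or the WildFly / JBoss Negotiation projects), the following Python script triages debug output of the kind pasted in the question: which keytab enctypes the JVM loaded or refused, whether a KRBError was the routine "pre-authentication required" round trip or a real failure, and whether the "Continuation Required" LoginException is just the first leg of the SPNEGO exchange, as the answer states. The embedded sample log is a constructed excerpt modelled on the output above, with placeholder hostnames.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional, Set

# Kerberos encryption type numbers (RFC 3961, RFC 3962, RFC 4757).
ETYPE_NAMES = {1: "des-cbc-crc", 3: "des-cbc-md5", 16: "des3-cbc-sha1-kd",
               17: "aes128-cts-hmac-sha1-96", 18: "aes256-cts-hmac-sha1-96",
               23: "rc4-hmac"}
WEAK_ETYPES = {1, 3, 23}  # DES and RC4 are deprecated; flag when still relied on
# KDC error codes that matter in an AS exchange (RFC 4120, section 7.5.9).
KRB_ERRORS = {6: "KDC_ERR_C_PRINCIPAL_UNKNOWN", 7: "KDC_ERR_S_PRINCIPAL_UNKNOWN",
              14: "KDC_ERR_ETYPE_NOSUPP", 24: "KDC_ERR_PREAUTH_FAILED",
              25: "KDC_ERR_PREAUTH_REQUIRED", 37: "KRB_AP_ERR_SKEW"}

RE_ADDED = re.compile(r"Added key: (\d+)version")
RE_UNSUPPORTED = re.compile(r"Found unsupported keytype \((\d+)\)")
RE_OFFERED = re.compile(r"default_tkt_enctypes: ([\d ]+)\.")
RE_ERRCODE = re.compile(r"error code is (\d+)")
RE_SESSION_KEY = re.compile(r"Session Key = EncryptionKey: keyType=(\d+)")

@dataclass
class Triage:
    accepted_etypes: Set[int] = field(default_factory=set)  # keytab keys the JVM loaded
    rejected_etypes: Set[int] = field(default_factory=set)  # keytab keys it refused
    offered_etypes: List[int] = field(default_factory=list)  # client preference order
    kdc_errors: List[int] = field(default_factory=list)  # KRBError codes, in order
    session_key_etype: Optional[int] = None
    keytab_login_ok: bool = False  # Krb5LoginModule printed "Commit Succeeded"
    continuation_required: bool = False  # SPNEGOLoginModule asked for another leg

def triage(lines):
    """Collect the facts a defender needs from Java Kerberos / JBoss Negotiation debug output."""
    t = Triage()
    for line in lines:
        if m := RE_ADDED.search(line):
            t.accepted_etypes.add(int(m.group(1)))
        elif m := RE_UNSUPPORTED.search(line):
            t.rejected_etypes.add(int(m.group(1)))
        elif m := RE_OFFERED.search(line):
            t.offered_etypes = [int(x) for x in m.group(1).split()]
        elif m := RE_ERRCODE.search(line):
            t.kdc_errors.append(int(m.group(1)))
        elif m := RE_SESSION_KEY.search(line):
            t.session_key_etype = int(m.group(1))
        elif "Commit Succeeded" in line:
            t.keytab_login_ok = True
        elif "LoginException: Continuation Required" in line:
            t.continuation_required = True
    return t

def findings(t):
    out = []
    # Error 25 followed by a committed login is the normal AS exchange: the KDC
    # demands pre-authentication and the JVM re-sends with PA-ENC-TIMESTAMP.
    for code in t.kdc_errors:
        if code != 25 or not t.keytab_login_ok:
            out.append(f"KDC error {code} ({KRB_ERRORS.get(code, 'unknown')})")
    if not t.keytab_login_ok:
        out.append("service principal keytab login did not commit")
    elif t.continuation_required:
        out.append("benign: 'Continuation Required' after the keytab commit is the "
                   "first SPNEGO leg; the browser must answer the 401 Negotiate")
    if not t.accepted_etypes & {17, 18}:
        out.append("no AES key loaded from keytab")
    if t.session_key_etype in WEAK_ETYPES:
        out.append(f"session key is {ETYPE_NAMES[t.session_key_etype]}; "
                   f"client offered etypes in order {t.offered_etypes}")
    return out

# Constructed excerpt modelled on the debug output above (names are placeholders).
SAMPLE_LOG = """\
INFO [stdout] (default task-4) Added key: 17version: 4
INFO [stdout] (default task-4) Added key: 18version: 4
INFO [stdout] (default task-4) Added key: 23version: 4
INFO [stdout] (default task-4) Found unsupported keytype (3) for HTTP/server.example.test@EXAMPLE.TEST
INFO [stdout] (default task-4) Found unsupported keytype (1) for HTTP/server.example.test@EXAMPLE.TEST
INFO [stdout] (default task-4) default etypes for default_tkt_enctypes: 23 18 17 16.
INFO [stdout] (default task-4)  error code is 25
INFO [stdout] (default task-4) Commit Succeeded
Session Key = EncryptionKey: keyType=23 keyBytes (hex dump)=
DEBUG [org.jboss.security] (default task-4) PBOX00206: Login failure: javax.security.auth.login.LoginException: Continuation Required.
""".splitlines()
```

Run `findings(triage(SAMPLE_LOG))` on the sample: the only findings are the benign SPNEGO first leg and the RC4 session key, which matches the log above where AES keys were loaded but the ticket's session key still has keyType=23.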