Hi everyone,
Anyone facing problem with implementing Single Sign On with following error :
2015-10-08 16:29:44,768 - WARN : Validation of Kerberos ticket failed: Failure unspecified at GSS-API level (Mechanism level: Invalid argument (400) - Cannot find key of appropriate type to decrypt AP REP - RC4 with HMAC)
2015-10-08 16:29:44,768 - WARN : java.security.PrivilegedActionException: GSSException: Failure unspecified at GSS-API level (Mechanism level: Invalid argument (400) - Cannot find key of appropriate type to decrypt AP REP - RC4 with HMAC)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:415)
at com.aris.umc.authentication.kerberos.KerberosTicketValidator.getUsernameFromTicket(KerberosTicketValidator.java:57)
at com.aris.umc.authentication.AuthenticationService.loginKerberos(AuthenticationService.java:473)
at com.aris.umc.authentication.AuthenticationService$$EnhancerByGuice$$1476bc65.CGLIB$loginKerberos$42(<generated>)
at com.aris.umc.authentication.AuthenticationService$$EnhancerByGuice$$1476bc65$$FastClassByGuice$$c2708af4.invoke(<generated>)
at com.google.inject.internal.cglib.proxy.$MethodProxy.invokeSuper(MethodProxy.java:228)
at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:72)
at com.aris.umc.aop.ExceptionInterceptor.invoke(ExceptionInterceptor.java:29)
at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:72)
at com.google.inject.internal.InterceptorStackCallback.intercept(InterceptorStackCallback.java:52)
at com.aris.umc.authentication.AuthenticationService$$EnhancerByGuice$$1476bc65.loginKerberos(<generated>)
at com.aris.umc.authentication.AuthenticationServiceFC.loginKerberos(AuthenticationServiceFC.java:67)
at com.idsscheer.aris.umc.security.servlet.filter.AbstractAuthenticationFilter.loginAndSetContextKerberos(AbstractAuthenticationFilter.java:189)
at com.idsscheer.aris.umc.security.servlet.filter.UmcAuthKerberosFilter.doFilterInternal(UmcAuthKerberosFilter.java:87)
at com.idsscheer.aris.umc.security.servlet.filter.AbstractAuthenticationFilter.doFilter(AbstractAuthenticationFilter.java:91)
at com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:163)
at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:58)
at com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:168)
at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:58)
at com.softwareag.copernicus.web.servletFilter.CompressionFilter.applyGzipWrapper(CompressionFilter.java:137)
at com.softwareag.copernicus.web.servletFilter.CompressionFilter.doFilter(CompressionFilter.java:80)
at com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:163)
at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:58)
at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:118)
at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:113)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at org.apache.tomee.catalina.OpenEJBValve.invoke(OpenEJBValve.java:45)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:680)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:200)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
Caused by: GSSException: Failure unspecified at GSS-API level (Mechanism level: Invalid argument (400) - Cannot find key of appropriate type to decrypt AP REP - RC4 with HMAC)
at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:788)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:342)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:285)
at sun.security.jgss.spnego.SpNegoContext.GSS_acceptSecContext(SpNegoContext.java:875)
at sun.security.jgss.spnego.SpNegoContext.acceptSecContext(SpNegoContext.java:548)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:342)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:285)
at com.aris.umc.authentication.kerberos.KerberosValidationAction.run(KerberosValidationAction.java:23)
at com.aris.umc.authentication.kerberos.KerberosValidationAction.run(KerberosValidationAction.java:9)
... 42 more
Caused by: KrbException: Invalid argument (400) - Cannot find key of appropriate type to decrypt AP REP - RC4 with HMAC
at sun.security.krb5.KrbApReq.authenticate(KrbApReq.java:273)
at sun.security.krb5.KrbApReq.<init>(KrbApReq.java:144)
at sun.security.jgss.krb5.InitSecContextToken.<init>(InitSecContextToken.java:108)
at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:771)
... 50 more
Notes that SSO was working earlier with ARIS 7.2 configuration.
Any reply appriciated.
Regards,
Wihemdra