You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@harmony.apache.org by John Liu <bl...@gmail.com> on 2007/10/11 04:24:48 UTC

[class][auth]Krb5LoginModule does not work

Hi all:
I found that Krb5LoginModule does not work.

Here is an example:

First, I set a Kerberos V5 server for this test and add a principal
"example@EXAMPLE.COM" with password "1111111".

Then I ran next segment of code:

Krb5LoginModule krb5Login = new Krb5LoginModule();
Map<String,String> options = new HashMap<String,String>();
options.put("principal", "example@EXAMPLE.COM");
Subject subject = new Subject();
krb5Login.initialize(subject, new TextCallbackHandler(), null, options);
krb5Login.login();
krb5Login.commit();

with following vm arguments:
-Djava.security.krb5.realm=EXAMPLE.COM
-Djava.security.krb5.kdc=<kdc ip address>:88
-Djavax.security.auth.useSubjectCredsOnly=false

The exception was thrown as follows:

javax.security.auth.login.LoginException
    at org.apache.harmony.auth.module.Krb5LoginModule.login(
Krb5LoginModule.java:141)
    at
org.apache.harmony.auth.jgss.kerberos.test.TestForKerberosLoginModule.main(
TestForKerberosLoginModule.java:31)
Caused by: org.apache.harmony.auth.internal.kerberos.v5.KerberosException:
Error code: 6
    at org.apache.harmony.auth.internal.kerberos.v5.KrbClient.doAS(
KrbClient.java:157)
    at org.apache.harmony.auth.module.Krb5LoginModule.login(
Krb5LoginModule.java:96)
    ... 1 more

I've reported it on jira HARMONY-4921. Is there anyone familar with it could
help to have a look at it?

Thanks,
John

Re: [class][auth]Krb5LoginModule does not work

Posted by Stepan Mishura <st...@gmail.com>.

On 10/11/07, John Liu <bl...@gmail.com> wrote:
> Hi all:
> I found that Krb5LoginModule does not work.
>

Hi John,

I'd call the current implementation as prototype - I developed/tested
only base protocol logic (i.e. sent request for ticket and parse
respond) it is not expected to work in all cases. So any help/patches
to make it fully functional are greatly appreciated.

Thanks,
Stepan.

> Here is an example:
>
> First, I set a Kerberos V5 server for this test and add a principal
> "example@EXAMPLE.COM" with password "1111111".
>
> Then I ran next segment of code:
>
> Krb5LoginModule krb5Login = new Krb5LoginModule();
> Map<String,String> options = new HashMap<String,String>();
> options.put("principal", "example@EXAMPLE.COM");
> Subject subject = new Subject();
> krb5Login.initialize(subject, new TextCallbackHandler(), null, options);
> krb5Login.login();
> krb5Login.commit();
>
> with following vm arguments:
> -Djava.security.krb5.realm=EXAMPLE.COM
> -Djava.security.krb5.kdc=<kdc ip address>:88
> -Djavax.security.auth.useSubjectCredsOnly=false
>
> The exception was thrown as follows:
>
> javax.security.auth.login.LoginException
>    at org.apache.harmony.auth.module.Krb5LoginModule.login(
> Krb5LoginModule.java:141)
>    at
> org.apache.harmony.auth.jgss.kerberos.test.TestForKerberosLoginModule.main(
> TestForKerberosLoginModule.java:31)
> Caused by: org.apache.harmony.auth.internal.kerberos.v5.KerberosException:
> Error code: 6
>    at org.apache.harmony.auth.internal.kerberos.v5.KrbClient.doAS(
> KrbClient.java:157)
>    at org.apache.harmony.auth.module.Krb5LoginModule.login(
> Krb5LoginModule.java:96)
>    ... 1 more
>
> I've reported it on jira HARMONY-4921. Is there anyone familar with it could
> help to have a look at it?
>
> Thanks,
> John
>