Java Kerberos Preauthentication Error
https://stackoverflow.com/questions/12822496
-
06-07-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian문제
We have two different applications in our network, both use Kerberos to authenticate users. One of them makes problems when the max. ticket lifetime has expired.
Successful request with application x:
AS-REQ =>
<= KRB5KDC_ERR_PREAUTH_REQUIRED
AS-REQ =>
<= AS-REP
Unsuccessful request with application y:
AS-REQ =>
<= KRB5KDC_ERR_PREAUTH_REQUIRED
AS-REQ =>
<= KRB5KDC_ERR_PREAUTH_FAILED
The only difference we can see in network captures is that app x uses NT-PRINCIPAL, while app y uses NT-ENTERPRISE. App y runs on Java 1.6, so the preauth bug from earlier versions shouldn't occur.
Any ideas are highly appreciated.
해결책
I think that the solution to this issue was to re-generate our keytabs with the "/crypto All" option, but I'm not 100% sure. At least we had no more complaints after that.
제휴하지 않습니다 StackOverflow
