登录
当前位置: 首页 > 知识库问答 >
问题:

KerberosSpringjavax.security.auth.login.登录异常:无法从用户获取密码

华烈
2023-03-14

我正在现有的JavaSpring应用程序中实现kerberos身份验证。我的unix团队为我提供了SPN,krb5。conf和keytab文件。我正在努力使用下面的代码和配置,但无法从下面附加的日志中的用户异常中获取密码。

有人能纠正我吗?如果我做错了什么或者可能出了什么问题?如果你需要更多关于这方面的信息,请告诉我。如果有人能告诉我,如何验证kerberos配置是否正确,那就太好了?
以下是我尝试过的。我正在使用:

  • JDK 1.6
  • Spring-security-kerberos-core-1.0.0. M2.jar
  • sping-security-core-3.0.1. RELEASE. jar
  • sping-security-config-3.0.1. RELEASE. jar
  • sping-security-web-3.0.1. RELEASE. jar

我的安全配置。xml是:

<?xml version="1.0" encoding="UTF-8"?>
    <beans:beans xmlns="http://www.springframework.org/schema/security"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xmlns:util="http://www.springframework.org/schema/util"
           xmlns:beans="http://www.springframework.org/schema/beans"
           xsi:schemaLocation="http://www.springframework.org/schema/beans
           http://www.springframework.org/schema/beans/spring-beans.xsd
           http://www.springframework.org/schema/util
           http://www.springframework.org/schema/util/spring-util-3.0.xsd
           http://www.springframework.org/schema/security
           http://www.springframework.org/schema/security/spring-security-3.0.xsd">

<beans:bean class="com.ci.util.TrimmingPropertyPlaceholderConfigurer">
        <beans:property name="searchSystemEnvironment" value="true" />
        <beans:property name="locations">
            <beans:list>
                <beans:value>file:${install.home}/config/application.properties
                </beans:value>
                <beans:value>file:${install.home}/config/environment.properties
                </beans:value>
            </beans:list>
        </beans:property>
    </beans:bean>

    <http entry-point-ref="spnegoEntryPoint" auto-config="false">
        <intercept-url pattern="/selectBlacklisting*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
        <intercept-url pattern="/j_spring_security_check*" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
     <intercept-url pattern="/**" access="IS_AUTHENTICATED_FULLY" />

     <custom-filter ref="spnegoAuthenticationProcessingFilter" position="BASIC_AUTH_FILTER" />
        <form-login login-page="/selectBlacklisting.form" default-target-url="/" always-use-default-target="true"/>
   </http>

   <authentication-manager alias="authenticationManager">
      <authentication-provider ref="kerberosServiceAuthenticationProvider" />
      <authentication-provider ref="kerberosAuthenticationProvider"/>
   </authentication-manager>

    <beans:bean id="spnegoEntryPoint"
  class="org.springframework.security.extensions.kerberos.web.SpnegoEntryPoint" />

 <beans:bean id="spnegoAuthenticationProcessingFilter"
  class="org.springframework.security.extensions.kerberos.web.SpnegoAuthenticationProcessingFilter">
  <beans:property name="authenticationManager" ref="authenticationManager" />
 </beans:bean>

    <beans:bean id="kerberosServiceAuthenticationProvider"
  class="org.springframework.security.extensions.kerberos.KerberosServiceAuthenticationProvider">
  <beans:property name="ticketValidator">
   <beans:bean
    class="org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator">
    <beans:property name="servicePrincipal" value="${servicePrincipal.url}"/>
    <beans:property name="keyTabLocation" value="${keyTabLocation.url}" />
    <beans:property name="debug" value="true"/>
   </beans:bean>
  </beans:property>
  <beans:property name="userDetailsService" ref="dummyUserDetailsService" />
 </beans:bean>

    <beans:bean id="kerberosAuthenticationProvider" class="org.springframework.security.extensions.kerberos.KerberosAuthenticationProvider">
  <beans:property name="kerberosClient">
   <beans:bean class="org.springframework.security.extensions.kerberos.SunJaasKerberosClient">
    <beans:property name="debug" value="true" />
   </beans:bean>
  </beans:property>
  <beans:property name="userDetailsService" ref="dummyUserDetailsService" />
 </beans:bean>

    <beans:bean class="org.springframework.security.extensions.kerberos.GlobalSunJaasKerberosConfig">
  <beans:property name="debug" value="true" />
  <beans:property name="krbConfLocation" value="${krbConfLocation.url}" />
 </beans:bean>

    <beans:bean id="dummyUserDetailsService" class="com.ci.manager.interceptor.DummyUserDetailService"/>

  </beans:beans>

上述安全配置中使用的属性值。xml:

servicePrincipal.url=HTTP/xyzcard-sit1.systems.private@SYSTEMS.PRIVATE  
  keyTabLocation.url=file:/MY_APP_ITE3/appmanager/50.T0.17/config/xyzcard-sit1.keytab
  krbConfLocation.url=/etc/krb5/krb5.conf

我的DummyUserDetailService:

public class DummyUserDetailService implements UserDetailsService {
    private static final Logger LOGGER = Logger.getLogger(DummyUserDetailService.class);
    public DummyUserDetailService(){
        LOGGER.info("DummyUserDetailService constructor called>>>>>>>>>");
    }


public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
    LOGGER.info("loadUserByUsername method called>>>>>>>>>"+username);
    LOGGER.info("loadUserByUsername method called>AuthorityUtils.createAuthorityList>>>>>>>>"+AuthorityUtils.createAuthorityList("ROLE_USER"));
    return new User(username, "notUsed",true, true, true, true, AuthorityUtils.createAuthorityList("ROLE_USER"));
}

}

我的web.xml是:

    <web-app xmlns="http://java.sun.com/xml/ns/j2ee"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
        version="2.4">

        <display-name>Customer Intelligence Management Tool</display-name>
        <distributable/>
        <filter>
            <filter-name>springSecurityFilterChain</filter-name>
            <filter-class>
                org.springframework.web.filter.DelegatingFilterProxy
            </filter-class>    
        </filter>

        <filter-mapping>
              <filter-name>springSecurityFilterChain</filter-name>
              <url-pattern>/*</url-pattern>
        </filter-mapping>
         <context-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>/WEB-INF/security-config.xml</param-value>
        </context-param>     
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
        </listener> 

        <servlet>
            <servlet-name>app-manager</servlet-name>
            <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
            <init-param>
                <param-name>contextConfigLocation</param-name>
                <param-value>
                    /WEB-INF/applicationContext.xml,
                    /WEB-INF/app-manager-servlet.xml
                </param-value>
            </init-param>
            <load-on-startup>1</load-on-startup>
        </servlet>

        <servlet-mapping>
            <servlet-name>app-manager</servlet-name>
            <url-pattern>*.form</url-pattern>
        </servlet-mapping>

        <session-config>
            <session-timeout>15</session-timeout>
        </session-config>

        <welcome-file-list>
            <welcome-file>/WEB-INF/jsp/index.jsp</welcome-file>
        </welcome-file-list>

        <error-page>
            <error-code>500</error-code>
            <location>/WEB-INF/jsp/Error.jsp</location>
        </error-page>

        <error-page>
            <error-code>404</error-code>
            <location>/WEB-INF/jsp/FileNotFound.jsp</location>
        </error-page>
    </web-app>

显示异常的应用程序日志:

  015-04-20 13:07:42 ERROR  org.springframework.web.context.ContextLoader[ContextLoader.java:219(initWebApplicationContext)] - Context initialization failed
        org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authentication.ProviderManager#0': Cannot create inner bean '(inner bean)' of type [org.springframework.security.config.authentication.AuthenticationManagerFactoryBean] while setting bean property 'parent'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)': FactoryBean threw exception on object creation; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Cannot resolve reference to bean 'kerberosServiceAuthenticationProvider' while setting bean property 'providers' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'kerberosServiceAuthenticationProvider' defined in ServletContext resource [/WEB-INF/security-config.xml]: Cannot create inner bean 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' of type [org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator] while setting bean property 'ticketValidator'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user

            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:281)
            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:125)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1308)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1067)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:511)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:450)
            at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:290)
            at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
            at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:287)
            at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:189)
            at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:562)
            at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:871)
            at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:423)
            at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:272)
            at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:196)
            at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
            at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3764)
            at org.apache.catalina.core.StandardContext.start(StandardContext.java:4216)
            at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760)
            at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740)
            at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544)
            at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:825)
            at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:714)
            at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:490)
            at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138)
            at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
            at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120)
            at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022)
            at org.apache.catalina.core.StandardHost.start(StandardHost.java:736)
            at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014)
            at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
            at org.apache.catalina.core.StandardService.start(StandardService.java:448)
            at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
            at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
            at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
            at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
            at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
            at java.lang.reflect.Method.invoke(Method.java:597)
            at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
            at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
        Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)': FactoryBean threw exception on object creation; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Cannot resolve reference to bean 'kerberosServiceAuthenticationProvider' while setting bean property 'providers' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'kerberosServiceAuthenticationProvider' defined in ServletContext resource [/WEB-INF/security-config.xml]: Cannot create inner bean 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' of type [org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator] while setting bean property 'ticketValidator'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user

            at org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:150)
            at org.springframework.beans.factory.support.FactoryBeanRegistrySupport.getObjectFromFactoryBean(FactoryBeanRegistrySupport.java:109)
            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:274)
            ... 39 more
        Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Cannot resolve reference to bean 'kerberosServiceAuthenticationProvider' while setting bean property 'providers' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'kerberosServiceAuthenticationProvider' defined in ServletContext resource [/WEB-INF/security-config.xml]: Cannot create inner bean 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' of type [org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator] while setting bean property 'ticketValidator'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user

            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:328)
            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:355)
            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:153)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1308)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1067)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:511)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:450)
            at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:290)
            at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
            at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:287)
            at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:189)
            at org.springframework.security.config.authentication.AuthenticationManagerFactoryBean.getObject(AuthenticationManagerFactoryBean.java:27)
            at org.springframework.security.config.authentication.AuthenticationManagerFactoryBean.getObject(AuthenticationManagerFactoryBean.java:20)
            at org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:143)
            ... 41 more
        Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'kerberosServiceAuthenticationProvider' defined in ServletContext resource [/WEB-INF/security-config.xml]: Cannot create inner bean 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' of type [org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator] while setting bean property 'ticketValidator'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user

            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:281)
            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:120)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1308)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1067)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:511)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:450)
            at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:290)
            at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
            at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:287)
            at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:189)
            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)
            ... 55 more
        Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user

            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1403)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:513)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:450)
            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:270)
            ... 65 more
        Caused by: javax.security.auth.login.LoginException: Unable to obtain password from user

            at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:789)
            at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:654)
            at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:542)
            at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
            at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
            at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
            at java.lang.reflect.Method.invoke(Method.java:597)
            at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
            at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
            at javax.security.auth.login.LoginContext$5.run(LoginContext.java:706)
            at java.security.AccessController.doPrivileged(Native Method)
            at javax.security.auth.login.LoginContext.invokeCreatorPriv(LoginContext.java:703)
            at javax.security.auth.login.LoginContext.login(LoginContext.java:575)
            at org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator.afterPropertiesSet(SunJaasKerberosTicketValidator.java:125)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1460)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1400)
            ... 68 more

服务器日志:

Apr 22, 2015 8:29:38 AM org.apache.catalina.loader.WebappClassLoader validateJarFile
        INFO: validateJarFile(/MY_APP_ITE3/appmanager/50.T0.17/catalina_base/work/Catalina/localhost/app-manager/WEB-INF/lib/j2ee-1.4.jar) - jar not loaded. See Servlet Spec 2.3, section 9.7.2. Offending class: javax/servlet/Servlet.class
        Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt true ticketCache is null isInitiator false KeyTab is file:/MY_APP_ITE3/appmanager/50.T0.17/catalina_base/conf/xyzcard-sit1.keytab refreshKrb5Config is false principal is HTTP/xyzcard-sit1.systems.private@SYSTEMS.PRIVATE tryFirstPass is false useFirstPass is false storePass is false clearPass is false
        >>> KeyTabInputStream, readName(): SYSTEMS.PRIVATE
        >>> KeyTabInputStream, readName(): HTTP
        >>> KeyTabInputStream, readName(): srv-xyzcard-sit1.systems.private
        >>> KeyTab: load() entry length: 88; type: 23
        Key for the principal HTTP/xyzcard-sit1.systems.private@SYSTEMS.PRIVATE not available in file:/MY_APP_ITE3/appmanager/50.T0.17/catalina_base/conf/xyzcard-sit1.keytab
          [Krb5LoginModule] authentication failed 
        Unable to obtain password from user

        Apr 22, 2015 8:29:52 AM org.apache.catalina.core.StandardContext start

共有2个答案

广楚
2023-03-14

谢谢你的回复。我已经解决了这个问题,问题是我的keytab。我的keytab文件不包含我正在寻找的SPN。它是用错误的SPN生成的。我尝试了一些虚拟的SPN,发现我得到了同样的异常,然后要求团队验证或生成新的keytab。

汲品
2023-03-14

这可能是由于安全配置上没有解析属性值。您能硬代码跟踪并再试一次吗?

   <beans:property name="servicePrincipal" value="HTTP/xyzcard-sit1.systems.private@SYSTEMS.PRIVATE"/>
<beans:property name="keyTabLocation" value="file:YOUR KEY TAB LOCATION >>/mykey.keytabl" />

您的错误已从javax抛出。安全啊。登录。LoginContext的init方法没有正确设置,因此它应该与keytab文件或服务原则有关。

 类似资料:
  • 无法登录Google Android获取API异常10

    我一直在尝试将Firebase Google Login集成到我的应用程序中,但我得到了com.Google.android.gms.common.api.apiException:10: 基于这个堆栈溢出问题,我甚至尝试使用WebClient客户端ID,但仍然得到相同的错误! 基于这个堆栈溢出问题,我输入了调试密钥库SHA1、SHA256并启用了Google登录 在Android方面,我关注了这

  • 用户使用用户名和密码登录时获取用户ID

    问题内容: 我需要输入USER表的USER_ID字段作为另一个表中的外键。因此,我认为我需要在用户登录时启动一个会话。我很难让它在任何地方回显。我能够启动一个会话,该会话允许我回显USERNAME,但无法将其复制为ID。 请帮忙吗?我的处理代码如下。我还粘贴了本节,我暂时尝试对其进行回显以进行测试。 处理脚本: 我希望USER_ID出现在哪里: 问题答案: 使用FETCH_ASSOC而不是FETC

  • AngularJS-html5Mode-无法获取/登录

    问题内容: 嗨,您已经用yeoman,grunt和bower创建了一个angularJS应用程序。我已经为应用程序启用了html5Mode。及其工作。但是,当我刷新页面(localhost:9000 / login)时,它说 这是应用程序结构 这是我的 app.js 路由 这是我的Gruntfile.js 我已经解决了这个问题。根据已接受的答案,我将Gruntfile.js更改为以下内容。 但是刷

  • 无法获取用户的密钥

    这是获取用户帐户及其Api密钥的endpoint:https://dev.openclinica.com/apidoc/#api-User_Account-getAccountByUserName使用带有postman的follingendpoint 后http://89.221.253.174:8080/OpenClinica/pages/accounts/login?username=pran

  • 获取登录用户信息

    cmf_get_current_user() 功能 获取当前登录的前台用户的信息,未登录时,返回false 参数 无 返回 array:用户信息;false表示未登录;

  • 登录时从用户集合中获取用户数据

    我目前正在处理一个在客户端初始化了firebase的应用程序。当用户通过 firebase 登录时,我想从 firestore 中获取用户的数据。我目前正在侦听器中执行此操作并成功获取用户。我想知道这是否是获取用户数据的最佳方式。我的代码如下: 我主要担心的是,每次刷新应用程序时都会获取用户的数据。关于此事的任何建议或最佳做法将不胜感激

相关问答

无法使用客户端ID/秘密Azure ADB2C登录验证登录crendentials时在loadUserByUsername方法中获取nullpointer异常无法登录admob帐户无法登录Docker帐户无法获取Jedis连接,嵌套异常:无法从池中获取资源

相关文章

无法登录Docker帐户从Jenkins Workflow(Pipeline)插件获取登录Jenkins的用户名从数据库中获取每天登录的用户名无法使用ApachePOI打开Excel-获取异常不使用密码手动登录用户

相关阅读

Spring MVC拦截器实现用户登录权限验证JMeter录制登录测试Firebase使用Github账号登录Firebase使用Google账号登录Dart异常

相关工具

类似Twitter的登录框HDCP加密/解密算法iOS 图片获取和缩放获取网页的所有图片密切

相关文档

常用算法实现方法小米人脸算法用户文档常规算法教程用户画像Redis 常用命令
快捷导航: 新手教程 算法原理 架构设计 Java进阶 数据库进阶 大厂专栏 面试经验 编程笔记 编程问答 所有专题 文档资料 工具软件 电子书籍 小牛导航
在线工具: 房贷计算器 个税计算器 Linux命令查询 Json格式化 正则表达式 颜色转换 AES加解密 SHA1加密 MD5加密 毒鸡汤 字数统计 随机密码生成 进制转换 Base64编解码 励志句子
Copyright © 2019-2024 小牛知识库@xnip.cn. All Rights Reserved.