directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Leo Li" <liyilei1...@gmail.com>
Subject [kerberos client]Problem to obtain TGT from KDC.
Date Tue, 23 Oct 2007 08:57:29 GMT
Hi, all

   I am trying to connect to KDC to get a TGT by:
   String hostname = "wks107904wss.cn.ibm.com";
   int port = 88;
   KdcConnection con = new KdcConnection( hostname + ":" + port );
   KerberosTicket tgt = con.getTicketGrantingTicket( clientPrincipal,
password );

   But it fails with such stacktrace:
   Exception in thread "main"
org.apache.directory.client.kerberos.KdcConnectionException:
BAD_ENCRYPTION_TYPE
at org.apache.directory.client.kerberos.GetTicketGrantingTicket.processError(GetTicketGrantingTicket.java:167)
at org.apache.directory.client.kerberos.GetTicketGrantingTicket.execute(GetTicketGrantingTicket.java:153)
at org.apache.directory.client.kerberos.KdcConnection.getTicketGrantingTicket(KdcConnection.java:118)
at org.apache.directory.client.kerberos.KdcConnection.getTicketGrantingTicket(KdcConnection.java:101)
at org.apache.directory.client.kerberos.Main.go(Main.java:62)
at org.apache.directory.client.kerberos.Main.main(Main.java:55)


  And on the kdc side, the server has such log:
  Oct 23 16:12:28 wks107904wss.cn.ibm.com krb5kdc[2304](info) :
AS_REQ(1 etypes{3}) 9.181.106.61:BAD_ENCRYPTION_TYPE:leo@EXAMPLE.COM
for krbtgt/EXAMPLE.COM@EXAMPLE.COM, KDC has no support for encryption
type

  The KDC is provided by redhat enterprise 5 with default setup configuration.

  And if I try the same program in the machine where KDC resides and
run it with "localhost" as host parameter, it will get null TGT and
from the KDC log there seems no further log as if no Kerberos Request
had been sent to KDC.

  Can somebody help?

  Thanks,

-- 
Leo Li
China Software Development Lab, IBM

Mime
View raw message