On Wed, Feb 3, 2010 at 2:14 AM, Stefan Seelmann <seelmann@apache.org> wrote:
Amila Suriarachchi wrote:
I tried to do the authentication with the following values. (after following the given tutorial )

Bind DN or user : hnelson@EXAMPLE.COM <mailto:hnelson@EXAMPLE.COM>

Bind Password : secret

At kerborose settings

set : Obtain TGT from KDC
set : Use Native System Configuration

That's ok.


Then tried to Authenticate and got the following exception at client side

The authentication failed
 - Request: 1 cancelled
 javax.naming.CommunicationException: Request: 1 cancelled
snip

And following at server side.

[18:41:16] WARN [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Additional pre-authentication required (25)
[18:41:16] WARN [org.apache.directory.server.kerberos.shared.store.operations.StoreUtils] - No server entry found for kerberos principal name ldap/localhost@EXAMPLE.COM

Sorry, there was a small bug in the server.xml. Please set the searchBaseDn of ldapServer:

 <ldapServer ...
           saslHost="localhost"
           saslPrincipal="ldap/localhost@EXAMPLE.COM"
           searchBaseDn="ou=users,dc=example,dc=com"
           ...>

thanks for info.
I'll have a look with this change.

thanks,
Amila.


Kind Regards,
Stefan






--
Amila Suriarachchi
WSO2 Inc.
blog: http://amilachinthaka.blogspot.com/