On Tue, Nov 22, 2011 at 3:04 PM, Pierre-Arnaud Marcelot <pa@marcelot.net> wrote:
Hi Alex,

I remember having dealt with something similar recently with a user on IRC.

Turns out its /etc/krb5.conf file contained wrong values, if I recall correctly.

You might also make sure you have the 'krb5-user' package installed via apt-get.


Hey thanks for the heads up and I did this installing all the packages needed yet got the same error in the end. :/ 

I even restarted my session just in case something was getting cached in the env.  

Any other ideas?

Thanks,
Alex
 

On 22 nov. 2011, at 13:54, Alex Karasulu wrote:

> Hi all,
>
> Seems I'm getting the following failure with the kerberos-test module in the apacheds trunk due to a lack of supported encryption types when using the JDK Krb5 login module. The build is on an Ubuntu machine:
>
> akarasulu@stein:~$ cat /etc/lsb-release
> DISTRIB_ID=Ubuntu
> DISTRIB_RELEASE=11.10
> DISTRIB_CODENAME=oneiric
> DISTRIB_DESCRIPTION="Ubuntu 11.10"
>
> with the following Maven + Java setup:
>
> akarasulu@stein:~$ mvn -v
> Apache Maven 3.0.3 (r1075438; 2011-02-28 19:31:09+0200)
> Maven home: /opt/tools/maven/default
> Java version: 1.6.0_26, vendor: Sun Microsystems Inc.
> Java home: /usr/lib/jvm/java-6-sun-1.6.0.26/jre
> Default locale: en_US, platform encoding: UTF-8
> OS name: "linux", version: "3.0.0-12-generic", arch: "amd64", family: "unix"
>
> Here's the failing test:
>
> org.apache.directory.server.kerberos.kdc.KerberosTcpITest.testObtainTickets_AES256()
>
>  ... and the stack trace ...
>
>   <testcase time="0.05" classname="org.apache.directory.server.kerberos.kdc.KerberosTcpITest" name="testObtainTickets_AES256">
>     <error message="No supported encryption types listed in default_tkt_enctypes" type="javax.security.auth.login.LoginException">javax.security.auth.login.LoginException: No supported encryption types listed in default_tkt_enctypes
>         at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:696)
>         at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:542)
>         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>         at java.lang.reflect.Method.invoke(Method.java:597)
>         at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
>         at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>         at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>         at java.security.AccessController.doPrivileged(Native Method)
>         at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>         at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>         at org.apache.directory.server.kerberos.kdc.KerberosTestUtils.obtainTGT(KerberosTestUtils.java:295)
>         at org.apache.directory.server.kerberos.kdc.AbstractKerberosITest.testObtainTickets(AbstractKerberosITest.java:121)
>         at org.apache.directory.server.kerberos.kdc.KerberosTcpITest.testObtainTickets_AES256(KerberosTcpITest.java:130)
>         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>
>  SNIP ...
>
> Caused by: KrbException: No supported encryption types listed in default_tkt_enctypes
>         at sun.security.krb5.internal.crypto.EType.getDefaults(EType.java:221)
>         at sun.security.krb5.KrbAsReq.init(KrbAsReq.java:335)
>         at sun.security.krb5.KrbAsReq.&lt;init&gt;(KrbAsReq.java:259)
>         at sun.security.krb5.KrbAsReq.&lt;init&gt;(KrbAsReq.java:61)
>         at sun.security.krb5.Credentials.sendASRequest(Credentials.java:391)
>         at sun.security.krb5.Credentials.acquireTGT(Credentials.java:350)
>         at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:662)
>         ... 49 more
>
> So what should we do because this test will always fail on this Jvm? Should I just ignore it until a reliable test is created?
>
> --
> Best Regards,
> -- Alex
>




--
Best Regards,
-- Alex