Return-Path: X-Original-To: apmail-directory-dev-archive@www.apache.org Delivered-To: apmail-directory-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5A4359521 for ; Tue, 22 Nov 2011 12:54:34 +0000 (UTC) Received: (qmail 42906 invoked by uid 500); 22 Nov 2011 12:54:34 -0000 Delivered-To: apmail-directory-dev-archive@directory.apache.org Received: (qmail 42857 invoked by uid 500); 22 Nov 2011 12:54:34 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 42846 invoked by uid 99); 22 Nov 2011 12:54:34 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 22 Nov 2011 12:54:34 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of akarasulu@gmail.com designates 74.125.82.42 as permitted sender) Received: from [74.125.82.42] (HELO mail-ww0-f42.google.com) (74.125.82.42) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 22 Nov 2011 12:54:25 +0000 Received: by wwe3 with SMTP id 3so7183776wwe.1 for ; Tue, 22 Nov 2011 04:54:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:date:x-google-sender-auth:message-id:subject :from:to:content-type; bh=6SWB6eD0eS8Ug40fUfNNCdWCTK5nuk5HRVPREtLfM5I=; b=YzAVRvi4pd0pT4pxLEZplSiOR087sROZs5zuvF7QhfaWvDU4Lss9GACH2hoQedxnvD RV7W73IXQ1vMoueJcErKHVlJZrf4VrF5DHbX0ZC5I7khInMrqQzU+9ix40KX6AgOVlTq 2784X2VRmWpqk4d/FaQ5VE+XbUHAE5qReT3Po= MIME-Version: 1.0 Received: by 10.216.229.68 with SMTP id g46mr2813249weq.100.1321966445620; Tue, 22 Nov 2011 04:54:05 -0800 (PST) Sender: akarasulu@gmail.com Received: by 10.180.105.193 with HTTP; Tue, 22 Nov 2011 04:54:05 -0800 (PST) Date: Tue, 22 Nov 2011 14:54:05 +0200 X-Google-Sender-Auth: yKWfVlHiQVoDHd7soIAwfmJ0Pzk Message-ID: Subject: [ApacheDS] [Kerberos] Any idea on how we solve this issue with the missing encryption types? From: Alex Karasulu To: Apache Directory Developers List Content-Type: multipart/alternative; boundary=0016e65873d665703e04b2524c9d X-Virus-Checked: Checked by ClamAV on apache.org --0016e65873d665703e04b2524c9d Content-Type: text/plain; charset=ISO-8859-1 Hi all, Seems I'm getting the following failure with the kerberos-test module in the apacheds trunk due to a lack of supported encryption types when using the JDK Krb5 login module. The build is on an Ubuntu machine: akarasulu@stein:~$ cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=11.10 DISTRIB_CODENAME=oneiric DISTRIB_DESCRIPTION="Ubuntu 11.10" with the following Maven + Java setup: akarasulu@stein:~$ mvn -v Apache Maven 3.0.3 (r1075438; 2011-02-28 19:31:09+0200) Maven home: /opt/tools/maven/default Java version: 1.6.0_26, vendor: Sun Microsystems Inc. Java home: /usr/lib/jvm/java-6-sun-1.6.0.26/jre Default locale: en_US, platform encoding: UTF-8 OS name: "linux", version: "3.0.0-12-generic", arch: "amd64", family: "unix" Here's the failing test: org.apache.directory.server.kerberos.kdc.KerberosTcpITest.testObtainTickets_AES256() ... and the stack trace ... javax.security.auth.login.LoginException: No supported encryption types listed in default_tkt_enctypes at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:696) at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:542) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) at javax.security.auth.login.LoginContext.login(LoginContext.java:579) at org.apache.directory.server.kerberos.kdc.KerberosTestUtils.obtainTGT(KerberosTestUtils.java:295) at org.apache.directory.server.kerberos.kdc.AbstractKerberosITest.testObtainTickets(AbstractKerberosITest.java:121) at org.apache.directory.server.kerberos.kdc.KerberosTcpITest.testObtainTickets_AES256(KerberosTcpITest.java:130) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) SNIP ... Caused by: KrbException: No supported encryption types listed in default_tkt_enctypes at sun.security.krb5.internal.crypto.EType.getDefaults(EType.java:221) at sun.security.krb5.KrbAsReq.init(KrbAsReq.java:335) at sun.security.krb5.KrbAsReq.<init>(KrbAsReq.java:259) at sun.security.krb5.KrbAsReq.<init>(KrbAsReq.java:61) at sun.security.krb5.Credentials.sendASRequest(Credentials.java:391) at sun.security.krb5.Credentials.acquireTGT(Credentials.java:350) at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:662) ... 49 more So what should we do because this test will always fail on this Jvm? Should I just ignore it until a reliable test is created? -- Best Regards, -- Alex --0016e65873d665703e04b2524c9d Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Hi all,

Seems I'm getting the following failure with= the kerberos-test module in the apacheds trunk due to a lack of supported = encryption types when using the JDK Krb5 login module. The build is on an U= buntu machine:

akarasulu@stein:~$ cat /etc/lsb-release=A0
DISTRIB_ID=3DUbuntu
DISTRIB_RELEASE=3D11.10
DISTRIB_= CODENAME=3Doneiric
DISTRIB_DESCRIPTION=3D"Ubuntu 11.10"=

with the following Maven + Java setup:

akarasulu@stein:~$ mvn -v
Apache Maven 3.0.3 (r1075= 438; 2011-02-28 19:31:09+0200)
Maven home: /opt/tools/maven/defau= lt
Java version: 1.6.0_26, vendor: Sun Microsystems Inc.
Java h= ome: /usr/lib/jvm/java-6-sun-1.6.0.26/jre
Default locale: en_US, = platform encoding: UTF-8
OS name: "linux", version: &qu= ot;3.0.0-12-generic", arch: "amd64", family: "unix"= ;

Here's the failing test:

=
org.apache.directory.server.kerberos.kdc.KerberosTcpITest.testObtainTi= ckets_AES256()

=A0... and the stack trace ...

=A0 <testcase time=3D"0.05" classname= =3D"org.apache.directory.server.kerberos.kdc.KerberosTcpITest" na= me=3D"testObtainTickets_AES256">
=A0 =A0 <error m= essage=3D"No supported encryption types listed in default_tkt_enctypes= " type=3D"javax.security.auth.login.LoginException">javax= .security.auth.login.LoginException: No supported encryption types listed i= n default_tkt_enctypes
=A0 =A0 =A0 =A0 at com.sun.security.auth.module.Krb5LoginModule.attemp= tAuthentication(Krb5LoginModule.java:696)
=A0 =A0 =A0 =A0 at com.= sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:542)
=A0 =A0 =A0 =A0 at sun.reflect.NativeMethodAccessorImpl.invoke0(Nat= ive Method)
=A0 =A0 =A0 =A0 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeM= ethodAccessorImpl.java:39)
=A0 =A0 =A0 =A0 at sun.reflect.Delegat= ingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
=A0 =A0 =A0 =A0 at java.lang.reflect.Method.invoke(Method.java:597)
=A0 =A0 =A0 =A0 at javax.security.auth.login.LoginContext.invoke(Login= Context.java:769)
=A0 =A0 =A0 =A0 at javax.security.auth.login.Lo= ginContext.access$000(LoginContext.java:186)
=A0 =A0 =A0 =A0 at j= avax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
=A0 =A0 =A0 =A0 at java.security.AccessController.doPrivileged(Native = Method)
=A0 =A0 =A0 =A0 at javax.security.auth.login.LoginContext= .invokePriv(LoginContext.java:680)
=A0 =A0 =A0 =A0 at javax.secur= ity.auth.login.LoginContext.login(LoginContext.java:579)
=A0 =A0 =A0 =A0 at org.apache.directory.server.kerberos.kdc.KerberosTe= stUtils.obtainTGT(KerberosTestUtils.java:295)
=A0 =A0 =A0 =A0 at = org.apache.directory.server.kerberos.kdc.AbstractKerberosITest.testObtainTi= ckets(AbstractKerberosITest.java:121)
=A0 =A0 =A0 =A0 at org.apache.directory.server.kerberos.kdc.KerberosTc= pITest.testObtainTickets_AES256(KerberosTcpITest.java:130)
=A0 = =A0 =A0 =A0 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)<= /div>

=A0SNIP ...

Caused by: KrbException: No= supported encryption types listed in default_tkt_enctypes
=A0 = =A0 =A0 =A0 at sun.security.krb5.internal.crypto.EType.getDefaults(EType.ja= va:221)
=A0 =A0 =A0 =A0 at sun.security.krb5.KrbAsReq.init(KrbAsReq.java:335)<= /div>
=A0 =A0 =A0 =A0 at sun.security.krb5.KrbAsReq.&lt;init&gt= ;(KrbAsReq.java:259)
=A0 =A0 =A0 =A0 at sun.security.krb5.KrbAsRe= q.&lt;init&gt;(KrbAsReq.java:61)
=A0 =A0 =A0 =A0 at sun.security.krb5.Credentials.sendASRequest(Credent= ials.java:391)
=A0 =A0 =A0 =A0 at sun.security.krb5.Credentials.a= cquireTGT(Credentials.java:350)
=A0 =A0 =A0 =A0 at com.sun.securi= ty.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:6= 62)
=A0 =A0 =A0 =A0 ... 49 more

So what sho= uld we do because this test will always fail on this Jvm? Should I just ign= ore it until a reliable test is created?

--
Be= st Regards,
-- Alex

--0016e65873d665703e04b2524c9d--