directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jiajia Li (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (DIRKRB-599) Client can not run in kadmin-remote after changing realm
Date Tue, 26 Jul 2016 03:00:23 GMT

     [ https://issues.apache.org/jira/browse/DIRKRB-599?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Jiajia Li resolved DIRKRB-599.
------------------------------
    Resolution: Fixed

commit c689c6671061928948bb6a987e9b110d355662c2
Author: plusplusjiajia <jiajia.li@intel.com>
Date:   Tue Jul 26 11:03:50 2016 +0800

    DIRKRB-599 Client can not run in kadmin-remote after changing realm. Contributed by Qing.

> Client can not run in kadmin-remote after changing realm
> --------------------------------------------------------
>
>                 Key: DIRKRB-599
>                 URL: https://issues.apache.org/jira/browse/DIRKRB-599
>             Project: Directory Kerberos
>          Issue Type: Bug
>            Reporter: ChenQing
>            Assignee: ChenQing
>         Attachments: DIRKRB-599-v1.path
>
>
> The steps of run as follows:
> 1)mvn package -Pdist
> 2)run kdcinit. sh bin/kdcinit.sh [server-conf-dir] [keytab]
> 3)start kerby-kdc-server. sh bin/start-kdc.sh [server-conf-dir] [work-dir]
> 4)start admin-server. sh bin/admin-server.sh [conf]
> 5)run remote-admin-client. sh bin/remote-admin-client.sh [conf]
> when run sh bin/remote-admin-client.sh will appear error,give the error information as
follows:
> javax.security.auth.login.LoginException: Unable to obtain password from user
> 	at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:897)
> 	at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:760)
> 	at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:617)
> 	at sun.reflect.GeneratedMethodAccessor7.invoke(Unknown Source)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> 	at java.lang.reflect.Method.invoke(Method.java:497)
> 	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
> 	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
> 	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
> 	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
> 	at java.security.AccessController.doPrivileged(Native Method)
> 	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
> 	at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
> 	at org.apache.kerby.kerberos.kerb.admin.AuthUtil.loginUsingKeytab(AuthUtil.java:71)
> 	at org.apache.kerby.kerberos.kerb.admin.server.kadmin.impl.DefaultAdminServerHandler.saslNegotiation(DefaultAdminServerHandler.java:114)
> 	at org.apache.kerby.kerberos.kerb.admin.server.kadmin.impl.DefaultAdminServerHandler.run(DefaultAdminServerHandler.java:67)
> 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> 	at java.lang.Thread.run(Thread.java:745)
> Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt true ticketCache
is null isInitiator true KeyTab is /root/directory-kerby/kerby-dist/kdc-dist/mykeytab refreshKrb5Config
is true principal is adminprotocol/localhost tryFirstPass is false useFirstPass is false storePass
is false clearPass is false
> Refreshing Kerberos configuration
> Key for the principal adminprotocol/localhost@EXAMPLE.COM not available in /root/directory-kerby/kerby-dist/kdc-dist/mykeytab
> 		[Krb5LoginModule] authentication failed 
> Unable to obtain password from user



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message