directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andreas Backman <andr...@kontorsplatsen.se>
Subject Re: Kerberized SSH keeps asking for password
Date Wed, 03 Feb 2010 09:06:14 GMT
I've cut out everything before the Kerberos server starts.

Ok.. here goes.

 Starting the Kerberos server
 [08:59:06] INFO [org.apache.directory.server.Service] - Starting the Kerberos server
            _                     _          _  __ ____   ___    
           / \   _ __    ___  ___
          / _ \ 
         / ___ \
        /_/   \_\ .__/ \__,_
                
 
 [08:59:06] INFO [org.apache.directory.server.kerberos.kdc.KdcServer] - Kerberos service started.
 Kerberos service started.
 Kerberos server started
 [08:59:06] INFO [org.apache.directory.server.Service] - Kerberos server: started in 10 milliseconds
 [08:59:06] INFO [org.apache.directory.server.Service] - Cannot find any reference to the HTTP Server in the server.xml file : the server won't be started
 [08:59:06] INFO [org.apache.directory.server.ldap.LdapServer] - Added Extended Request Handler: 1.3.6.1.4.1.1466.20037
 [08:59:06] ERROR [org.apache.directory.server.core.security.CoreKeyStoreSpi] - Failed on attempt to extract key.
 java.lang.NullPointerException
 	at org.apache.directory.server.core.security.TlsKeyGenerator.getKeyPair(TlsKeyGenerator.java:167)
 	at org.apache.directory.server.core.security.CoreKeyStoreSpi.engineGetKey(CoreKeyStoreSpi.java:230)
 	at java.security.KeyStore.getKey(KeyStore.java:763)
 	at com.sun.net.ssl.internal.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:113)
 	at com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:48)
 	at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:239)
 	at org.apache.directory.server.ldap.handlers.extended.StartTlsHandler.setLdapServer(StartTlsHandler.java:169)
 	at org.apache.directory.server.ldap.LdapServer.startNetwork(LdapServer.java:488)
 	at org.apache.directory.server.ldap.LdapServer.start(LdapServer.java:394)
 	at org.apache.directory.server.Service.start(Service.java:328)
 	at org.apache.directory.daemon.Bootstrapper.callStart(Bootstrapper.java:170)
 	at org.apache.directory.daemon.TanukiBootstrapper.start(TanukiBootstrapper.java:55)
 	at org.tanukisoftware.wrapper.WrapperManager$12.run(WrapperManager.java:2788)
 [08:59:06] INFO [org.apache.directory.server.ldap.LdapServer] - Added Extended Request Handler: 1.3.6.1.4.1.18060.0.1.3
 [08:59:06] INFO [org.apache.directory.server.ldap.LdapServer] - Added Extended Request Handler: 1.3.6.1.4.1.18060.0.1.1
 [08:59:06] ERROR [org.apache.directory.server.Service] - Cannot start the server : reuseAddress can't be set while the acceptor is bound.
 [08:59:07] WARN [org.apache.directory.server.ldap.LdapProtocolHandler] - Null LdapSession given to cleanUpSession.
 [08:59:17] WARN [org.apache.directory.server.ldap.LdapProtocolHandler] - Unexpected exception forcing session to close: sending disconnect notice to client.
 java.lang.NullPointerException
 	at org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:129)
 	at org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:56)
 	at org.apache.mina.handler.demux.DemuxingIoHandler.messageReceived(DemuxingIoHandler.java:232)
 	at org.apache.directory.server.ldap.LdapProtocolHandler.messageReceived(LdapProtocolHandler.java:194)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:721)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:801)
 	at org.apache.mina.core.filterchain.IoFilterEvent.fire(IoFilterEvent.java:71)
 	at org.apache.mina.core.session.IoEvent.run(IoEvent.java:63)
 	at org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.runTask(UnorderedThreadPoolExecutor.java:480)
 	at org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.run(UnorderedThreadPoolExecutor.java:434)
 	at java.lang.Thread.run(Thread.java:619)
 [08:59:17] WARN [org.apache.directory.server.ldap.LdapProtocolHandler] - Null LdapSession given to cleanUpSession.
 [08:59:43] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.91:47068 CREATED:  datagram
 [08:59:43] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.91:47068 OPENED
 [08:59:43] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.91:47068 RCVD:  org.apache.directory.server.kerberos.shared.messages.KdcRequest@6483e5f1
 [08:59:43] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Received Authentication Service (AS) request:
 	messageType:           AS_REQ
 	protocolVersionNumber: 5
 	clientAddress:         192.168.103.91
 	nonce:                 790659966
 	kdcOptions:            RENEWABLE_OK
 	clientPrincipal:       andreas@KPLATSEN.LOCAL
 	serverPrincipal:       krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	encryptionType:        aes128-cts-hmac-sha1-96 (17), rc4-hmac (23), des-cbc-md5 (3), aes256-cts-hmac-sha1-96 (18), des3-cbc-sha1-kd (16), des-cbc-md4 (2), des-cbc-crc (1)
 	realm:                 KPLATSEN.LOCAL
 	from time:             20100203075942Z
 	till time:             20100204075942Z
 	renew-till time:       null
 	hostAddresses:         null
 [08:59:43] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Session will use encryption type des-cbc-md5 (3).
 [08:59:43] DEBUG [org.apache.directory.server.kerberos.shared.store.operations.StoreUtils] - Found entry ServerEntry
     dn[n]: uid=andreas,cn=admin,ou=kontorsplatsen,ou=world
     objectClass: organizationalPerson
     objectClass: person
     objectClass: krb5Principal
     objectClass: posixAccount
     objectClass: inetOrgPerson
     objectClass: krb5KDCEntry
     objectClass: top
     uid: andreas
     loginShell: /bin/bash
     userpassword: '**********'
     cn: Andreas Backman
     sn: Backman
     homeDirectory: /home/andreas
     uidNumber: 2000
     gidNumber: 20000
     krb5KeyVersionNumber: 0
     krb5Key: '0x30 0x21 0xA0 0x03 0x02 0x01 0x10 0xA1 0x1A 0x04 0x18 0xDF 0x83 0x6E 0xC1 0x54 ...'
     krb5Key: '0x30 0x11 0xA0 0x03 0x02 0x01 0x03 0xA1 0x0A 0x04 0x08 0xD0 0x62 0x43 0x62 0x97 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x17 0xA1 0x12 0x04 0x10 0x4B 0xE0 0xE2 0xCC 0x39 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x11 0xA1 0x12 0x04 0x10 0x3D 0x98 0x30 0x5D 0x09 ...'
     krb5PrincipalName: andreas@KPLATSEN.LOCAL
  for kerberos principal name andreas@KPLATSEN.LOCAL
 [08:59:43] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Verifying using SAM subsystem.
 [08:59:43] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Verifying using encrypted timestamp.
 [08:59:43] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Entry for client principal andreas@KPLATSEN.LOCAL has no SAM type.  Proceeding with standard pre-authentication.
 [08:59:43] WARN [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Additional pre-authentication required (25)
 org.apache.directory.server.kerberos.shared.exceptions.KerberosException: Additional pre-authentication required
 	at org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService.verifyEncryptedTimestamp(AuthenticationService.java:268)
 	at org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService.execute(AuthenticationService.java:106)
 	at org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler.messageReceived(KerberosProtocolHandler.java:145)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:721)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:801)
 	at org.apache.mina.filter.codec.ProtocolCodecFilter$ProtocolDecoderOutputImpl.flush(ProtocolCodecFilter.java:375)
 	at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:229)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:801)
 	at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:119)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:425)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.readHandle(AbstractPollingConnectionlessIoAcceptor.java:436)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.processReadySessions(AbstractPollingConnectionlessIoAcceptor.java:407)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.access$600(AbstractPollingConnectionlessIoAcceptor.java:56)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor$Acceptor.run(AbstractPollingConnectionlessIoAcceptor.java:360)
 	at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
 	at java.lang.Thread.run(Thread.java:619)
 [08:59:43] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Responding to request with error:
 	explanatory text:      Additional pre-authentication required
 	error code:            25
 	clientPrincipal:       null
 	client time:           null
 	serverPrincipal:       krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	server time:           20100203075943Z
 [08:59:43] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.91:47068 SENT:  org.apache.directory.server.kerberos.shared.messages.ErrorMessage@2bab5dae
 [08:59:49] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.91:51947 CREATED:  datagram
 [08:59:49] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.91:51947 OPENED
 [08:59:49] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.91:51947 RCVD:  org.apache.directory.server.kerberos.shared.messages.KdcRequest@6e8ef177
 [08:59:49] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Received Authentication Service (AS) request:
 	messageType:           AS_REQ
 	protocolVersionNumber: 5
 	clientAddress:         192.168.103.91
 	nonce:                 790659966
 	kdcOptions:            RENEWABLE_OK
 	clientPrincipal:       andreas@KPLATSEN.LOCAL
 	serverPrincipal:       krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	encryptionType:        aes128-cts-hmac-sha1-96 (17), rc4-hmac (23), des-cbc-md5 (3), aes256-cts-hmac-sha1-96 (18), des3-cbc-sha1-kd (16), des-cbc-md4 (2), des-cbc-crc (1)
 	realm:                 KPLATSEN.LOCAL
 	from time:             20100203075942Z
 	till time:             20100204075942Z
 	renew-till time:       null
 	hostAddresses:         null
 [08:59:49] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Session will use encryption type des-cbc-md5 (3).
 [08:59:49] DEBUG [org.apache.directory.server.kerberos.shared.store.operations.StoreUtils] - Found entry ServerEntry
     dn[n]: uid=andreas,cn=admin,ou=kontorsplatsen,ou=world
     objectClass: organizationalPerson
     objectClass: person
     objectClass: krb5Principal
     objectClass: posixAccount
     objectClass: inetOrgPerson
     objectClass: krb5KDCEntry
     objectClass: top
     uid: andreas
     loginShell: /bin/bash
     userpassword: '********'
     cn: Andreas Backman
     sn: Backman
     homeDirectory: /home/andreas
     uidNumber: 2000
     gidNumber: 20000
     krb5KeyVersionNumber: 0
     krb5Key: '0x30 0x21 0xA0 0x03 0x02 0x01 0x10 0xA1 0x1A 0x04 0x18 0xDF 0x83 0x6E 0xC1 0x54 ...'
     krb5Key: '0x30 0x11 0xA0 0x03 0x02 0x01 0x03 0xA1 0x0A 0x04 0x08 0xD0 0x62 0x43 0x62 0x97 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x17 0xA1 0x12 0x04 0x10 0x4B 0xE0 0xE2 0xCC 0x39 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x11 0xA1 0x12 0x04 0x10 0x3D 0x98 0x30 0x5D 0x09 ...'
     krb5PrincipalName: andreas@KPLATSEN.LOCAL
  for kerberos principal name andreas@KPLATSEN.LOCAL
 [08:59:49] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Verifying using SAM subsystem.
 [08:59:49] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Verifying using encrypted timestamp.
 [08:59:49] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Entry for client principal andreas@KPLATSEN.LOCAL has no SAM type.  Proceeding with standard pre-authentication.
 [08:59:49] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Pre-authentication by encrypted timestamp successful for andreas@KPLATSEN.LOCAL.
 [08:59:49] DEBUG [org.apache.directory.server.kerberos.shared.store.operations.StoreUtils] - Found entry ServerEntry
     dn[n]: uid=krbtgt,ou=kontorsplatsen,ou=world
     objectClass: organizationalPerson
     objectClass: person
     objectClass: krb5Principal
     objectClass: inetOrgPerson
     objectClass: krb5KDCEntry
     objectClass: top
     uid: krbtgt
     cn: KDC Service
     sn: Service
     userpassword: '**********'
     krb5KeyVersionNumber: 0
     krb5Key: '0x30 0x21 0xA0 0x03 0x02 0x01 0x10 0xA1 0x1A 0x04 0x18 0xC8 0x19 0xCD 0xDC 0x79 ...'
     krb5Key: '0x30 0x29 0xA0 0x03 0x02 0x01 0x12 0xA1 0x22 0x04 0x20 0xCD 0x8B 0x35 0x47 0x17 ...'
     krb5Key: '0x30 0x11 0xA0 0x03 0x02 0x01 0x03 0xA1 0x0A 0x04 0x08 0x57 0x79 0x2F 0x37 0x86 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x17 0xA1 0x12 0x04 0x10 0x79 0x07 0xE0 0xC8 0x77 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x11 0xA1 0x12 0x04 0x10 0x2F 0x93 0xE4 0x81 0x1F ...'
     krb5PrincipalName: krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
  for kerberos principal name krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 [08:59:49] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Ticket will be issued for access to krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL.
 [08:59:49] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Monitoring Authentication Service (AS) context:
 	clockSkew              300000
 	clientAddress          /192.168.103.91
 	principal              andreas@KPLATSEN.LOCAL
 	cn                     null
 	realm                  null
 	principal              andreas@KPLATSEN.LOCAL
 	SAM type               null
 	principal              krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	cn                     null
 	realm                  null
 	principal              krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	SAM type               null
 	Request key type       des-cbc-md5 (3)
 	Client key version     0
 	Server key version     0
 [08:59:49] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Responding with Authentication Service (AS) reply:
 	messageType:           AS_REP
 	protocolVersionNumber: 5
 	nonce:                 790659966
 	clientPrincipal:       andreas@KPLATSEN.LOCAL
 	client realm:          KPLATSEN.LOCAL
 	serverPrincipal:       krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	server realm:          KPLATSEN.LOCAL
 	auth time:             20100203075949Z
 	start time:            null
 	end time:              20100204075942Z
 	renew-till time:       null
 	hostAddresses:         null
 [08:59:49] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.91:51947 SENT:  org.apache.directory.server.kerberos.shared.messages.AuthenticationReply@3844006e
 [09:00:26] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.91:36333 CREATED:  datagram
 [09:00:26] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.91:36333 OPENED
 [09:00:26] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.91:36333 RCVD:  org.apache.directory.server.kerberos.shared.messages.KdcRequest@3a0b2c64
 [09:00:26] DEBUG [org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService] - Received Ticket-Granting Service (TGS) request:
 	messageType:           TGS_REQ
 	protocolVersionNumber: 5
 	clientAddress:         192.168.103.91
 	nonce:                 1265184026
 	kdcOptions:            
 	clientPrincipal:       null
 	serverPrincipal:       host/sa-1.base.kplatsen.local@KPLATSEN.LOCAL
 	encryptionType:        aes128-cts-hmac-sha1-96 (17), rc4-hmac (23), des-cbc-md5 (3), aes256-cts-hmac-sha1-96 (18), des3-cbc-sha1-kd (16), des-cbc-md4 (2), des-cbc-crc (1)
 	realm:                 KPLATSEN.LOCAL
 	from time:             null
 	till time:             20100204075942Z
 	renew-till time:       null
 	hostAddresses:         null
 [09:00:26] DEBUG [org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService] - Session will use encryption type des-cbc-md5 (3).
 [09:00:26] DEBUG [org.apache.directory.server.kerberos.shared.store.operations.StoreUtils] - Found entry ServerEntry
     dn[n]: uid=krbtgt,ou=kontorsplatsen,ou=world
     objectClass: organizationalPerson
     objectClass: person
     objectClass: krb5Principal
     objectClass: inetOrgPerson
     objectClass: krb5KDCEntry
     objectClass: top
     uid: krbtgt
     cn: KDC Service
     sn: Service
     userpassword: '*******'
     krb5KeyVersionNumber: 0
     krb5Key: '0x30 0x21 0xA0 0x03 0x02 0x01 0x10 0xA1 0x1A 0x04 0x18 0xC8 0x19 0xCD 0xDC 0x79 ...'
     krb5Key: '0x30 0x29 0xA0 0x03 0x02 0x01 0x12 0xA1 0x22 0x04 0x20 0xCD 0x8B 0x35 0x47 0x17 ...'
     krb5Key: '0x30 0x11 0xA0 0x03 0x02 0x01 0x03 0xA1 0x0A 0x04 0x08 0x57 0x79 0x2F 0x37 0x86 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x17 0xA1 0x12 0x04 0x10 0x79 0x07 0xE0 0xC8 0x77 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x11 0xA1 0x12 0x04 0x10 0x2F 0x93 0xE4 0x81 0x1F ...'
     krb5PrincipalName: krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
  for kerberos principal name krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 [09:00:26] DEBUG [org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService] - Verifying body checksum type 'RSA_MD5'.
 [09:00:26] DEBUG [org.apache.directory.server.kerberos.shared.store.operations.StoreUtils] - Found entry ServerEntry
     dn[n]: uid=sa-1.base.kplatsen.local,ou=kontorsplatsen,ou=world
     objectClass: organizationalPerson
     objectClass: person
     objectClass: krb5Principal
     objectClass: krb5KDCEntry
     objectClass: inetOrgPerson
     objectClass: top
     uid: sa-1.base.kplatsen.local
     cn: SSH Service
     sn: Service
     userpassword: '*******'
     krb5KeyVersionNumber: 0
     krb5Key: '0x30 0x21 0xA0 0x03 0x02 0x01 0x10 0xA1 0x1A 0x04 0x18 0x0E 0xDC 0xBC 0x89 0x58 ...'
     krb5Key: '0x30 0x29 0xA0 0x03 0x02 0x01 0x12 0xA1 0x22 0x04 0x20 0x4A 0x5D 0x11 0x7A 0x05 ...'
     krb5Key: '0x30 0x11 0xA0 0x03 0x02 0x01 0x03 0xA1 0x0A 0x04 0x08 0x34 0x31 0xA8 0xD9 0xD6 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x17 0xA1 0x12 0x04 0x10 0x18 0xB0 0xDE 0x38 0xC8 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x11 0xA1 0x12 0x04 0x10 0xFE 0xFD 0x0B 0x4F 0xD3 ...'
     krb5PrincipalName: host/sa-1.base.kplatsen.local@KPLATSEN.LOCAL
  for kerberos principal name host/sa-1.base.kplatsen.local@KPLATSEN.LOCAL
 [09:00:26] DEBUG [org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService] - Monitoring Ticket-Granting Service (TGS) context:
 	clockSkew              300000
 	checksumType           RSA_MD5
 	clientAddress          /192.168.103.91
 	clientAddresses        null
 	caddr contains sender  false
 	principal              host/sa-1.base.kplatsen.local@KPLATSEN.LOCAL
 	cn                     null
 	realm                  null
 	principal              host/sa-1.base.kplatsen.local@KPLATSEN.LOCAL
 	SAM type               null
 	principal              krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	cn                     null
 	realm                  null
 	principal              krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	SAM type               null
 	Ticket key type        des-cbc-md5 (3)
 	Service key version    0
 [09:00:26] DEBUG [org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService] - Responding with Ticket-Granting Service (TGS) reply:
 	messageType:           TGS_REP
 	protocolVersionNumber: 5
 	nonce:                 1265184026
 	clientPrincipal:       andreas@KPLATSEN.LOCAL
 	client realm:          KPLATSEN.LOCAL
 	serverPrincipal:       host/sa-1.base.kplatsen.local@KPLATSEN.LOCAL
 	server realm:          KPLATSEN.LOCAL
 	auth time:             20100203075949Z
 	start time:            20100203080026Z
 	end time:              20100204075942Z
 	renew-till time:       null
 	hostAddresses:         null
 [09:00:26] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.91:36333 SENT:  org.apache.directory.server.kerberos.shared.messages.TicketGrantReply@62029d75
 [09:00:43] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.91:47068 CLOSED
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:57035 CREATED:  datagram
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:57035 OPENED
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:57035 RCVD:  org.apache.directory.server.kerberos.shared.messages.KdcRequest@5043153c
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService] - Received Ticket-Granting Service (TGS) request:
 	messageType:           TGS_REQ
 	protocolVersionNumber: 5
 	clientAddress:         192.168.103.10
 	nonce:                 1265184046
 	kdcOptions:            
 	clientPrincipal:       null
 	serverPrincipal:       host/workstation-190.work.kplatsen.local@KPLATSEN.LOCAL
 	encryptionType:        aes128-cts-hmac-sha1-96 (17), rc4-hmac (23), des-cbc-md5 (3), aes256-cts-hmac-sha1-96 (18), des3-cbc-sha1-kd (16), des-cbc-md4 (2), des-cbc-crc (1)
 	realm:                 KPLATSEN.LOCAL
 	from time:             null
 	till time:             20100130125641Z
 	renew-till time:       null
 	hostAddresses:         null
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService] - Session will use encryption type des-cbc-md5 (3).
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.shared.store.operations.StoreUtils] - Found entry ServerEntry
     dn[n]: uid=krbtgt,ou=kontorsplatsen,ou=world
     objectClass: organizationalPerson
     objectClass: person
     objectClass: krb5Principal
     objectClass: inetOrgPerson
     objectClass: krb5KDCEntry
     objectClass: top
     uid: krbtgt
     cn: KDC Service
     sn: Service
     userpassword: '*******'
     krb5KeyVersionNumber: 0
     krb5Key: '0x30 0x21 0xA0 0x03 0x02 0x01 0x10 0xA1 0x1A 0x04 0x18 0xC8 0x19 0xCD 0xDC 0x79 ...'
     krb5Key: '0x30 0x29 0xA0 0x03 0x02 0x01 0x12 0xA1 0x22 0x04 0x20 0xCD 0x8B 0x35 0x47 0x17 ...'
     krb5Key: '0x30 0x11 0xA0 0x03 0x02 0x01 0x03 0xA1 0x0A 0x04 0x08 0x57 0x79 0x2F 0x37 0x86 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x17 0xA1 0x12 0x04 0x10 0x79 0x07 0xE0 0xC8 0x77 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x11 0xA1 0x12 0x04 0x10 0x2F 0x93 0xE4 0x81 0x1F ...'
     krb5PrincipalName: krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
  for kerberos principal name krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 [09:00:46] WARN [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Integrity check on decrypted field failed (31)
 org.apache.directory.server.kerberos.shared.exceptions.KerberosException: Integrity check on decrypted field failed
 	at org.apache.directory.server.kerberos.shared.crypto.encryption.DesCbcMd5Encryption.getDecryptedData(DesCbcMd5Encryption.java:105)
 	at org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler.decrypt(CipherTextHandler.java:190)
 	at org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler.unseal(CipherTextHandler.java:165)
 	at org.apache.directory.server.kerberos.shared.KerberosUtils.verifyAuthHeader(KerberosUtils.java:389)
 	at org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService.verifyTgtAuthHeader(TicketGrantingService.java:276)
 	at org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService.execute(TicketGrantingService.java:101)
 	at org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler.messageReceived(KerberosProtocolHandler.java:158)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:721)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:801)
 	at org.apache.mina.filter.codec.ProtocolCodecFilter$ProtocolDecoderOutputImpl.flush(ProtocolCodecFilter.java:375)
 	at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:229)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:801)
 	at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:119)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:425)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.readHandle(AbstractPollingConnectionlessIoAcceptor.java:436)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.processReadySessions(AbstractPollingConnectionlessIoAcceptor.java:407)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.access$600(AbstractPollingConnectionlessIoAcceptor.java:56)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor$Acceptor.run(AbstractPollingConnectionlessIoAcceptor.java:360)
 	at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
 	at java.lang.Thread.run(Thread.java:619)
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Responding to request with error:
 	explanatory text:      Integrity check on decrypted field failed
 	error code:            31
 	clientPrincipal:       null
 	client time:           null
 	serverPrincipal:       krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	server time:           20100203080046Z
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:57035 SENT:  org.apache.directory.server.kerberos.shared.messages.ErrorMessage@64273f4e
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:41564 CREATED:  datagram
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:41564 OPENED
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:41564 RCVD:  org.apache.directory.server.kerberos.shared.messages.KdcRequest@4cad4d40
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService] - Received Ticket-Granting Service (TGS) request:
 	messageType:           TGS_REQ
 	protocolVersionNumber: 5
 	clientAddress:         192.168.103.10
 	nonce:                 1265184046
 	kdcOptions:            
 	clientPrincipal:       null
 	serverPrincipal:       krbtgt/WORK.KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	encryptionType:        aes128-cts-hmac-sha1-96 (17), rc4-hmac (23), des-cbc-md5 (3), aes256-cts-hmac-sha1-96 (18), des3-cbc-sha1-kd (16), des-cbc-md4 (2), des-cbc-crc (1)
 	realm:                 KPLATSEN.LOCAL
 	from time:             null
 	till time:             20100130125641Z
 	renew-till time:       null
 	hostAddresses:         null
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService] - Session will use encryption type des-cbc-md5 (3).
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.shared.store.operations.StoreUtils] - Found entry ServerEntry
     dn[n]: uid=krbtgt,ou=kontorsplatsen,ou=world
     objectClass: organizationalPerson
     objectClass: person
     objectClass: krb5Principal
     objectClass: inetOrgPerson
     objectClass: krb5KDCEntry
     objectClass: top
     uid: krbtgt
     cn: KDC Service
     sn: Service
     userpassword: '*******'
     krb5KeyVersionNumber: 0
     krb5Key: '0x30 0x21 0xA0 0x03 0x02 0x01 0x10 0xA1 0x1A 0x04 0x18 0xC8 0x19 0xCD 0xDC 0x79 ...'
     krb5Key: '0x30 0x29 0xA0 0x03 0x02 0x01 0x12 0xA1 0x22 0x04 0x20 0xCD 0x8B 0x35 0x47 0x17 ...'
     krb5Key: '0x30 0x11 0xA0 0x03 0x02 0x01 0x03 0xA1 0x0A 0x04 0x08 0x57 0x79 0x2F 0x37 0x86 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x17 0xA1 0x12 0x04 0x10 0x79 0x07 0xE0 0xC8 0x77 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x11 0xA1 0x12 0x04 0x10 0x2F 0x93 0xE4 0x81 0x1F ...'
     krb5PrincipalName: krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
  for kerberos principal name krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 [09:00:46] WARN [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Integrity check on decrypted field failed (31)
 org.apache.directory.server.kerberos.shared.exceptions.KerberosException: Integrity check on decrypted field failed
 	at org.apache.directory.server.kerberos.shared.crypto.encryption.DesCbcMd5Encryption.getDecryptedData(DesCbcMd5Encryption.java:105)
 	at org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler.decrypt(CipherTextHandler.java:190)
 	at org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler.unseal(CipherTextHandler.java:165)
 	at org.apache.directory.server.kerberos.shared.KerberosUtils.verifyAuthHeader(KerberosUtils.java:389)
 	at org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService.verifyTgtAuthHeader(TicketGrantingService.java:276)
 	at org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService.execute(TicketGrantingService.java:101)
 	at org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler.messageReceived(KerberosProtocolHandler.java:158)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:721)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:801)
 	at org.apache.mina.filter.codec.ProtocolCodecFilter$ProtocolDecoderOutputImpl.flush(ProtocolCodecFilter.java:375)
 	at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:229)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:801)
 	at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:119)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:425)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.readHandle(AbstractPollingConnectionlessIoAcceptor.java:436)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.processReadySessions(AbstractPollingConnectionlessIoAcceptor.java:407)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.access$600(AbstractPollingConnectionlessIoAcceptor.java:56)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor$Acceptor.run(AbstractPollingConnectionlessIoAcceptor.java:360)
 	at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
 	at java.lang.Thread.run(Thread.java:619)
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Responding to request with error:
 	explanatory text:      Integrity check on decrypted field failed
 	error code:            31
 	clientPrincipal:       null
 	client time:           null
 	serverPrincipal:       krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	server time:           20100203080046Z
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:41564 SENT:  org.apache.directory.server.kerberos.shared.messages.ErrorMessage@103c37f4
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:49832 CREATED:  datagram
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:49832 OPENED
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:49832 RCVD:  org.apache.directory.server.kerberos.shared.messages.KdcRequest@617d7c7f
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService] - Received Ticket-Granting Service (TGS) request:
 	messageType:           TGS_REQ
 	protocolVersionNumber: 5
 	clientAddress:         192.168.103.10
 	nonce:                 1265184046
 	kdcOptions:            
 	clientPrincipal:       null
 	serverPrincipal:       host/workstation-190.work.kplatsen.local@KPLATSEN.LOCAL
 	encryptionType:        aes128-cts-hmac-sha1-96 (17), rc4-hmac (23), des-cbc-md5 (3), aes256-cts-hmac-sha1-96 (18), des3-cbc-sha1-kd (16), des-cbc-md4 (2), des-cbc-crc (1)
 	realm:                 KPLATSEN.LOCAL
 	from time:             null
 	till time:             20100130125641Z
 	renew-till time:       null
 	hostAddresses:         null
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService] - Session will use encryption type des-cbc-md5 (3).
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.shared.store.operations.StoreUtils] - Found entry ServerEntry
     dn[n]: uid=krbtgt,ou=kontorsplatsen,ou=world
     objectClass: organizationalPerson
     objectClass: person
     objectClass: krb5Principal
     objectClass: inetOrgPerson
     objectClass: krb5KDCEntry
     objectClass: top
     uid: krbtgt
     cn: KDC Service
     sn: Service
     userpassword: '*******'
     krb5KeyVersionNumber: 0
     krb5Key: '0x30 0x21 0xA0 0x03 0x02 0x01 0x10 0xA1 0x1A 0x04 0x18 0xC8 0x19 0xCD 0xDC 0x79 ...'
     krb5Key: '0x30 0x29 0xA0 0x03 0x02 0x01 0x12 0xA1 0x22 0x04 0x20 0xCD 0x8B 0x35 0x47 0x17 ...'
     krb5Key: '0x30 0x11 0xA0 0x03 0x02 0x01 0x03 0xA1 0x0A 0x04 0x08 0x57 0x79 0x2F 0x37 0x86 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x17 0xA1 0x12 0x04 0x10 0x79 0x07 0xE0 0xC8 0x77 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x11 0xA1 0x12 0x04 0x10 0x2F 0x93 0xE4 0x81 0x1F ...'
     krb5PrincipalName: krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
  for kerberos principal name krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 [09:00:46] WARN [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Integrity check on decrypted field failed (31)
 org.apache.directory.server.kerberos.shared.exceptions.KerberosException: Integrity check on decrypted field failed
 	at org.apache.directory.server.kerberos.shared.crypto.encryption.DesCbcMd5Encryption.getDecryptedData(DesCbcMd5Encryption.java:105)
 	at org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler.decrypt(CipherTextHandler.java:190)
 	at org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler.unseal(CipherTextHandler.java:165)
 	at org.apache.directory.server.kerberos.shared.KerberosUtils.verifyAuthHeader(KerberosUtils.java:389)
 	at org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService.verifyTgtAuthHeader(TicketGrantingService.java:276)
 	at org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService.execute(TicketGrantingService.java:101)
 	at org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler.messageReceived(KerberosProtocolHandler.java:158)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:721)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:801)
 	at org.apache.mina.filter.codec.ProtocolCodecFilter$ProtocolDecoderOutputImpl.flush(ProtocolCodecFilter.java:375)
 	at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:229)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:801)
 	at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:119)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:425)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.readHandle(AbstractPollingConnectionlessIoAcceptor.java:436)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.processReadySessions(AbstractPollingConnectionlessIoAcceptor.java:407)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.access$600(AbstractPollingConnectionlessIoAcceptor.java:56)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor$Acceptor.run(AbstractPollingConnectionlessIoAcceptor.java:360)
 	at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
 	at java.lang.Thread.run(Thread.java:619)
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Responding to request with error:
 	explanatory text:      Integrity check on decrypted field failed
 	error code:            31
 	clientPrincipal:       null
 	client time:           null
 	serverPrincipal:       krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	server time:           20100203080046Z
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:49832 SENT:  org.apache.directory.server.kerberos.shared.messages.ErrorMessage@7578a7d9
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:50868 CREATED:  datagram
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:50868 OPENED
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:50868 RCVD:  org.apache.directory.server.kerberos.shared.messages.KdcRequest@4453d3cf
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService] - Received Ticket-Granting Service (TGS) request:
 	messageType:           TGS_REQ
 	protocolVersionNumber: 5
 	clientAddress:         192.168.103.10
 	nonce:                 1265184046
 	kdcOptions:            
 	clientPrincipal:       null
 	serverPrincipal:       krbtgt/WORK.KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	encryptionType:        aes128-cts-hmac-sha1-96 (17), rc4-hmac (23), des-cbc-md5 (3), aes256-cts-hmac-sha1-96 (18), des3-cbc-sha1-kd (16), des-cbc-md4 (2), des-cbc-crc (1)
 	realm:                 KPLATSEN.LOCAL
 	from time:             null
 	till time:             20100130125641Z
 	renew-till time:       null
 	hostAddresses:         null
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService] - Session will use encryption type des-cbc-md5 (3).
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.shared.store.operations.StoreUtils] - Found entry ServerEntry
     dn[n]: uid=krbtgt,ou=kontorsplatsen,ou=world
     objectClass: organizationalPerson
     objectClass: person
     objectClass: krb5Principal
     objectClass: inetOrgPerson
     objectClass: krb5KDCEntry
     objectClass: top
     uid: krbtgt
     cn: KDC Service
     sn: Service
     userpassword: '*******'
     krb5KeyVersionNumber: 0
     krb5Key: '0x30 0x21 0xA0 0x03 0x02 0x01 0x10 0xA1 0x1A 0x04 0x18 0xC8 0x19 0xCD 0xDC 0x79 ...'
     krb5Key: '0x30 0x29 0xA0 0x03 0x02 0x01 0x12 0xA1 0x22 0x04 0x20 0xCD 0x8B 0x35 0x47 0x17 ...'
     krb5Key: '0x30 0x11 0xA0 0x03 0x02 0x01 0x03 0xA1 0x0A 0x04 0x08 0x57 0x79 0x2F 0x37 0x86 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x17 0xA1 0x12 0x04 0x10 0x79 0x07 0xE0 0xC8 0x77 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x11 0xA1 0x12 0x04 0x10 0x2F 0x93 0xE4 0x81 0x1F ...'
     krb5PrincipalName: krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
  for kerberos principal name krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 [09:00:46] WARN [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Integrity check on decrypted field failed (31)
 org.apache.directory.server.kerberos.shared.exceptions.KerberosException: Integrity check on decrypted field failed
 	at org.apache.directory.server.kerberos.shared.crypto.encryption.DesCbcMd5Encryption.getDecryptedData(DesCbcMd5Encryption.java:105)
 	at org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler.decrypt(CipherTextHandler.java:190)
 	at org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler.unseal(CipherTextHandler.java:165)
 	at org.apache.directory.server.kerberos.shared.KerberosUtils.verifyAuthHeader(KerberosUtils.java:389)
 	at org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService.verifyTgtAuthHeader(TicketGrantingService.java:276)
 	at org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService.execute(TicketGrantingService.java:101)
 	at org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler.messageReceived(KerberosProtocolHandler.java:158)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:721)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:801)
 	at org.apache.mina.filter.codec.ProtocolCodecFilter$ProtocolDecoderOutputImpl.flush(ProtocolCodecFilter.java:375)
 	at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:229)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:801)
 	at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:119)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:425)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.readHandle(AbstractPollingConnectionlessIoAcceptor.java:436)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.processReadySessions(AbstractPollingConnectionlessIoAcceptor.java:407)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.access$600(AbstractPollingConnectionlessIoAcceptor.java:56)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor$Acceptor.run(AbstractPollingConnectionlessIoAcceptor.java:360)
 	at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
 	at java.lang.Thread.run(Thread.java:619)
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Responding to request with error:
 	explanatory text:      Integrity check on decrypted field failed
 	error code:            31
 	clientPrincipal:       null
 	client time:           null
 	serverPrincipal:       krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	server time:           20100203080046Z
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:50868 SENT:  org.apache.directory.server.kerberos.shared.messages.ErrorMessage@79f7896f
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:50633 CREATED:  datagram
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:50633 OPENED
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:50633 RCVD:  org.apache.directory.server.kerberos.shared.messages.KdcRequest@6a6014f7
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService] - Received Ticket-Granting Service (TGS) request:
 	messageType:           TGS_REQ
 	protocolVersionNumber: 5
 	clientAddress:         192.168.103.10
 	nonce:                 1265184046
 	kdcOptions:            
 	clientPrincipal:       null
 	serverPrincipal:       host/workstation-190.work.kplatsen.local@KPLATSEN.LOCAL
 	encryptionType:        aes128-cts-hmac-sha1-96 (17), rc4-hmac (23), des-cbc-md5 (3), aes256-cts-hmac-sha1-96 (18), des3-cbc-sha1-kd (16), des-cbc-md4 (2), des-cbc-crc (1)
 	realm:                 KPLATSEN.LOCAL
 	from time:             null
 	till time:             20100130125641Z
 	renew-till time:       null
 	hostAddresses:         null
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService] - Session will use encryption type des-cbc-md5 (3).
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.shared.store.operations.StoreUtils] - Found entry ServerEntry
     dn[n]: uid=krbtgt,ou=kontorsplatsen,ou=world
     objectClass: organizationalPerson
     objectClass: person
     objectClass: krb5Principal
     objectClass: inetOrgPerson
     objectClass: krb5KDCEntry
     objectClass: top
     uid: krbtgt
     cn: KDC Service
     sn: Service
     userpassword: '*******'
     krb5KeyVersionNumber: 0
     krb5Key: '0x30 0x21 0xA0 0x03 0x02 0x01 0x10 0xA1 0x1A 0x04 0x18 0xC8 0x19 0xCD 0xDC 0x79 ...'
     krb5Key: '0x30 0x29 0xA0 0x03 0x02 0x01 0x12 0xA1 0x22 0x04 0x20 0xCD 0x8B 0x35 0x47 0x17 ...'
     krb5Key: '0x30 0x11 0xA0 0x03 0x02 0x01 0x03 0xA1 0x0A 0x04 0x08 0x57 0x79 0x2F 0x37 0x86 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x17 0xA1 0x12 0x04 0x10 0x79 0x07 0xE0 0xC8 0x77 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x11 0xA1 0x12 0x04 0x10 0x2F 0x93 0xE4 0x81 0x1F ...'
     krb5PrincipalName: krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
  for kerberos principal name krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 [09:00:46] WARN [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Integrity check on decrypted field failed (31)
 org.apache.directory.server.kerberos.shared.exceptions.KerberosException: Integrity check on decrypted field failed
 	at org.apache.directory.server.kerberos.shared.crypto.encryption.DesCbcMd5Encryption.getDecryptedData(DesCbcMd5Encryption.java:105)
 	at org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler.decrypt(CipherTextHandler.java:190)
 	at org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler.unseal(CipherTextHandler.java:165)
 	at org.apache.directory.server.kerberos.shared.KerberosUtils.verifyAuthHeader(KerberosUtils.java:389)
 	at org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService.verifyTgtAuthHeader(TicketGrantingService.java:276)
 	at org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService.execute(TicketGrantingService.java:101)
 	at org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler.messageReceived(KerberosProtocolHandler.java:158)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:721)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:801)
 	at org.apache.mina.filter.codec.ProtocolCodecFilter$ProtocolDecoderOutputImpl.flush(ProtocolCodecFilter.java:375)
 	at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:229)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:801)
 	at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:119)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:425)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.readHandle(AbstractPollingConnectionlessIoAcceptor.java:436)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.processReadySessions(AbstractPollingConnectionlessIoAcceptor.java:407)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.access$600(AbstractPollingConnectionlessIoAcceptor.java:56)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor$Acceptor.run(AbstractPollingConnectionlessIoAcceptor.java:360)
 	at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
 	at java.lang.Thread.run(Thread.java:619)
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Responding to request with error:
 	explanatory text:      Integrity check on decrypted field failed
 	error code:            31
 	clientPrincipal:       null
 	client time:           null
 	serverPrincipal:       krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	server time:           20100203080046Z
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:50633 SENT:  org.apache.directory.server.kerberos.shared.messages.ErrorMessage@4a009ab0
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:55819 CREATED:  datagram
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:55819 OPENED
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:55819 RCVD:  org.apache.directory.server.kerberos.shared.messages.KdcRequest@6dabbec4
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService] - Received Ticket-Granting Service (TGS) request:
 	messageType:           TGS_REQ
 	protocolVersionNumber: 5
 	clientAddress:         192.168.103.10
 	nonce:                 1265184046
 	kdcOptions:            
 	clientPrincipal:       null
 	serverPrincipal:       krbtgt/WORK.KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	encryptionType:        aes128-cts-hmac-sha1-96 (17), rc4-hmac (23), des-cbc-md5 (3), aes256-cts-hmac-sha1-96 (18), des3-cbc-sha1-kd (16), des-cbc-md4 (2), des-cbc-crc (1)
 	realm:                 KPLATSEN.LOCAL
 	from time:             null
 	till time:             20100130125641Z
 	renew-till time:       null
 	hostAddresses:         null
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService] - Session will use encryption type des-cbc-md5 (3).
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.shared.store.operations.StoreUtils] - Found entry ServerEntry
     dn[n]: uid=krbtgt,ou=kontorsplatsen,ou=world
     objectClass: organizationalPerson
     objectClass: person
     objectClass: krb5Principal
     objectClass: inetOrgPerson
     objectClass: krb5KDCEntry
     objectClass: top
     uid: krbtgt
     cn: KDC Service
     sn: Service
     userpassword: '*******'
     krb5KeyVersionNumber: 0
     krb5Key: '0x30 0x21 0xA0 0x03 0x02 0x01 0x10 0xA1 0x1A 0x04 0x18 0xC8 0x19 0xCD 0xDC 0x79 ...'
     krb5Key: '0x30 0x29 0xA0 0x03 0x02 0x01 0x12 0xA1 0x22 0x04 0x20 0xCD 0x8B 0x35 0x47 0x17 ...'
     krb5Key: '0x30 0x11 0xA0 0x03 0x02 0x01 0x03 0xA1 0x0A 0x04 0x08 0x57 0x79 0x2F 0x37 0x86 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x17 0xA1 0x12 0x04 0x10 0x79 0x07 0xE0 0xC8 0x77 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x11 0xA1 0x12 0x04 0x10 0x2F 0x93 0xE4 0x81 0x1F ...'
     krb5PrincipalName: krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
  for kerberos principal name krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 [09:00:46] WARN [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Integrity check on decrypted field failed (31)
 org.apache.directory.server.kerberos.shared.exceptions.KerberosException: Integrity check on decrypted field failed
 	at org.apache.directory.server.kerberos.shared.crypto.encryption.DesCbcMd5Encryption.getDecryptedData(DesCbcMd5Encryption.java:105)
 	at org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler.decrypt(CipherTextHandler.java:190)
 	at org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler.unseal(CipherTextHandler.java:165)
 	at org.apache.directory.server.kerberos.shared.KerberosUtils.verifyAuthHeader(KerberosUtils.java:389)
 	at org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService.verifyTgtAuthHeader(TicketGrantingService.java:276)
 	at org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService.execute(TicketGrantingService.java:101)
 	at org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler.messageReceived(KerberosProtocolHandler.java:158)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:721)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:801)
 	at org.apache.mina.filter.codec.ProtocolCodecFilter$ProtocolDecoderOutputImpl.flush(ProtocolCodecFilter.java:375)
 	at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:229)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:801)
 	at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:119)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:425)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.readHandle(AbstractPollingConnectionlessIoAcceptor.java:436)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.processReadySessions(AbstractPollingConnectionlessIoAcceptor.java:407)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.access$600(AbstractPollingConnectionlessIoAcceptor.java:56)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor$Acceptor.run(AbstractPollingConnectionlessIoAcceptor.java:360)
 	at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
 	at java.lang.Thread.run(Thread.java:619)
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Responding to request with error:
 	explanatory text:      Integrity check on decrypted field failed
 	error code:            31
 	clientPrincipal:       null
 	client time:           null
 	serverPrincipal:       krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	server time:           20100203080046Z
 [09:00:46] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.10:55819 SENT:  org.apache.directory.server.kerberos.shared.messages.ErrorMessage@26796e1c
 [09:00:49] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.103.91:51947 CLOSED
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.104.190:41153 CREATED:  datagram
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.104.190:41153 OPENED
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.104.190:41153 RCVD:  org.apache.directory.server.kerberos.shared.messages.KdcRequest@21e3cc77
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Received Authentication Service (AS) request:
 	messageType:           AS_REQ
 	protocolVersionNumber: 5
 	clientAddress:         192.168.104.190
 	nonce:                 697270466
 	kdcOptions:            RENEWABLE_OK
 	clientPrincipal:       andreas@KPLATSEN.LOCAL
 	serverPrincipal:       krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	encryptionType:        aes128-cts-hmac-sha1-96 (17), rc4-hmac (23), des-cbc-md5 (3), aes256-cts-hmac-sha1-96 (18), des3-cbc-sha1-kd (16), des-cbc-md4 (2), des-cbc-crc (1)
 	realm:                 KPLATSEN.LOCAL
 	from time:             20100203080153Z
 	till time:             20100204080153Z
 	renew-till time:       null
 	hostAddresses:         null
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Session will use encryption type des-cbc-md5 (3).
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.shared.store.operations.StoreUtils] - Found entry ServerEntry
     dn[n]: uid=andreas,cn=admin,ou=kontorsplatsen,ou=world
     objectClass: organizationalPerson
     objectClass: person
     objectClass: krb5Principal
     objectClass: posixAccount
     objectClass: inetOrgPerson
     objectClass: krb5KDCEntry
     objectClass: top
     uid: andreas
     loginShell: /bin/bash
     userpassword: '0x57 0x64 0x3D 0x6E 0x73 0x48 0x4B 0x35 0x35 0x36 '
     cn: Andreas Backman
     sn: Backman
     homeDirectory: /home/andreas
     uidNumber: 2000
     gidNumber: 20000
     krb5KeyVersionNumber: 0
     krb5Key: '0x30 0x21 0xA0 0x03 0x02 0x01 0x10 0xA1 0x1A 0x04 0x18 0xDF 0x83 0x6E 0xC1 0x54 ...'
     krb5Key: '0x30 0x11 0xA0 0x03 0x02 0x01 0x03 0xA1 0x0A 0x04 0x08 0xD0 0x62 0x43 0x62 0x97 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x17 0xA1 0x12 0x04 0x10 0x4B 0xE0 0xE2 0xCC 0x39 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x11 0xA1 0x12 0x04 0x10 0x3D 0x98 0x30 0x5D 0x09 ...'
     krb5PrincipalName: andreas@KPLATSEN.LOCAL
  for kerberos principal name andreas@KPLATSEN.LOCAL
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Verifying using SAM subsystem.
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Verifying using encrypted timestamp.
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Entry for client principal andreas@KPLATSEN.LOCAL has no SAM type.  Proceeding with standard pre-authentication.
 [09:00:50] WARN [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Additional pre-authentication required (25)
 org.apache.directory.server.kerberos.shared.exceptions.KerberosException: Additional pre-authentication required
 	at org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService.verifyEncryptedTimestamp(AuthenticationService.java:268)
 	at org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService.execute(AuthenticationService.java:106)
 	at org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler.messageReceived(KerberosProtocolHandler.java:145)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:721)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:801)
 	at org.apache.mina.filter.codec.ProtocolCodecFilter$ProtocolDecoderOutputImpl.flush(ProtocolCodecFilter.java:375)
 	at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:229)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:801)
 	at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:119)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
 	at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:425)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.readHandle(AbstractPollingConnectionlessIoAcceptor.java:436)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.processReadySessions(AbstractPollingConnectionlessIoAcceptor.java:407)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.access$600(AbstractPollingConnectionlessIoAcceptor.java:56)
 	at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor$Acceptor.run(AbstractPollingConnectionlessIoAcceptor.java:360)
 	at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
 	at java.lang.Thread.run(Thread.java:619)
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Responding to request with error:
 	explanatory text:      Additional pre-authentication required
 	error code:            25
 	clientPrincipal:       null
 	client time:           null
 	serverPrincipal:       krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	server time:           20100203080050Z
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.104.190:41153 SENT:  org.apache.directory.server.kerberos.shared.messages.ErrorMessage@7284aa02
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.104.190:53333 CREATED:  datagram
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.104.190:53333 OPENED
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.104.190:53333 RCVD:  org.apache.directory.server.kerberos.shared.messages.KdcRequest@63b5a40a
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Received Authentication Service (AS) request:
 	messageType:           AS_REQ
 	protocolVersionNumber: 5
 	clientAddress:         192.168.104.190
 	nonce:                 697270466
 	kdcOptions:            RENEWABLE_OK
 	clientPrincipal:       andreas@KPLATSEN.LOCAL
 	serverPrincipal:       krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	encryptionType:        aes128-cts-hmac-sha1-96 (17), rc4-hmac (23), des-cbc-md5 (3), aes256-cts-hmac-sha1-96 (18), des3-cbc-sha1-kd (16), des-cbc-md4 (2), des-cbc-crc (1)
 	realm:                 KPLATSEN.LOCAL
 	from time:             20100203080153Z
 	till time:             20100204080153Z
 	renew-till time:       null
 	hostAddresses:         null
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Session will use encryption type des-cbc-md5 (3).
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.shared.store.operations.StoreUtils] - Found entry ServerEntry
     dn[n]: uid=andreas,cn=admin,ou=kontorsplatsen,ou=world
     objectClass: organizationalPerson
     objectClass: person
     objectClass: krb5Principal
     objectClass: posixAccount
     objectClass: inetOrgPerson
     objectClass: krb5KDCEntry
     objectClass: top
     uid: andreas
     loginShell: /bin/bash
     userpassword: '0x57 0x64 0x3D 0x6E 0x73 0x48 0x4B 0x35 0x35 0x36 '
     cn: Andreas Backman
     sn: Backman
     homeDirectory: /home/andreas
     uidNumber: 2000
     gidNumber: 20000
     krb5KeyVersionNumber: 0
     krb5Key: '0x30 0x21 0xA0 0x03 0x02 0x01 0x10 0xA1 0x1A 0x04 0x18 0xDF 0x83 0x6E 0xC1 0x54 ...'
     krb5Key: '0x30 0x11 0xA0 0x03 0x02 0x01 0x03 0xA1 0x0A 0x04 0x08 0xD0 0x62 0x43 0x62 0x97 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x17 0xA1 0x12 0x04 0x10 0x4B 0xE0 0xE2 0xCC 0x39 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x11 0xA1 0x12 0x04 0x10 0x3D 0x98 0x30 0x5D 0x09 ...'
     krb5PrincipalName: andreas@KPLATSEN.LOCAL
  for kerberos principal name andreas@KPLATSEN.LOCAL
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Verifying using SAM subsystem.
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Verifying using encrypted timestamp.
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Entry for client principal andreas@KPLATSEN.LOCAL has no SAM type.  Proceeding with standard pre-authentication.
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Pre-authentication by encrypted timestamp successful for andreas@KPLATSEN.LOCAL.
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.shared.store.operations.StoreUtils] - Found entry ServerEntry
     dn[n]: uid=krbtgt,ou=kontorsplatsen,ou=world
     objectClass: organizationalPerson
     objectClass: person
     objectClass: krb5Principal
     objectClass: inetOrgPerson
     objectClass: krb5KDCEntry
     objectClass: top
     uid: krbtgt
     cn: KDC Service
     sn: Service
     userpassword: '*******'
     krb5KeyVersionNumber: 0
     krb5Key: '0x30 0x21 0xA0 0x03 0x02 0x01 0x10 0xA1 0x1A 0x04 0x18 0xC8 0x19 0xCD 0xDC 0x79 ...'
     krb5Key: '0x30 0x29 0xA0 0x03 0x02 0x01 0x12 0xA1 0x22 0x04 0x20 0xCD 0x8B 0x35 0x47 0x17 ...'
     krb5Key: '0x30 0x11 0xA0 0x03 0x02 0x01 0x03 0xA1 0x0A 0x04 0x08 0x57 0x79 0x2F 0x37 0x86 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x17 0xA1 0x12 0x04 0x10 0x79 0x07 0xE0 0xC8 0x77 ...'
     krb5Key: '0x30 0x19 0xA0 0x03 0x02 0x01 0x11 0xA1 0x12 0x04 0x10 0x2F 0x93 0xE4 0x81 0x1F ...'
     krb5PrincipalName: krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
  for kerberos principal name krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Ticket will be issued for access to krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL.
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Monitoring Authentication Service (AS) context:
 	clockSkew              300000
 	clientAddress          /192.168.104.190
 	principal              andreas@KPLATSEN.LOCAL
 	cn                     null
 	realm                  null
 	principal              andreas@KPLATSEN.LOCAL
 	SAM type               null
 	principal              krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	cn                     null
 	realm                  null
 	principal              krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	SAM type               null
 	Request key type       des-cbc-md5 (3)
 	Client key version     0
 	Server key version     0
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Responding with Authentication Service (AS) reply:
 	messageType:           AS_REP
 	protocolVersionNumber: 5
 	nonce:                 697270466
 	clientPrincipal:       andreas@KPLATSEN.LOCAL
 	client realm:          KPLATSEN.LOCAL
 	serverPrincipal:       krbtgt/KPLATSEN.LOCAL@KPLATSEN.LOCAL
 	server realm:          KPLATSEN.LOCAL
 	auth time:             20100203080050Z
 	start time:            null
 	end time:              20100204080050Z
 	renew-till time:       20100204080153Z
 	hostAddresses:         null
 [09:00:50] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /192.168.104.190:53333 SENT:  org.apache.directory.server.kerberos.shared.messages.AuthenticationReply@3d89acb5

Mime
View raw message