directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Wiley <debio...@gmail.com>
Subject Re: Kerberos Can't Find Users
Date Thu, 22 Apr 2010 20:06:44 GMT
On Thu, Apr 22, 2010 at 12:22 PM, Stefan Seelmann <seelmann@apache.org>wrote:
>
> Please make sure that the password is binary, you could use
> StringTools.getBytesUtf8( String ).
>

That method doesn't seem to exist, but this seems to work:
entry.add("userPassword", password.getBytes());

Do you have a stack trace of the NPE?
>

Yes:
java.lang.NullPointerException
at
org.apache.directory.server.core.kerberos.KeyDerivationInterceptor.add(KeyDerivationInterceptor.java:141)
at
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1197)
at
org.apache.directory.server.core.journal.JournalInterceptor.add(JournalInterceptor.java:129)
at
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1197)
at
org.apache.directory.server.core.trigger.TriggerInterceptor.add(TriggerInterceptor.java:284)
at
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1197)
at
org.apache.directory.server.core.event.EventInterceptor.add(EventInterceptor.java:152)
at
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1197)
at
org.apache.directory.server.core.collective.CollectiveAttributeInterceptor.add(CollectiveAttributeInterceptor.java:354)
at
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1197)
at
org.apache.directory.server.core.subtree.SubentryInterceptor.add(SubentryInterceptor.java:581)
at
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1197)
at
org.apache.directory.server.core.schema.SchemaInterceptor.add(SchemaInterceptor.java:1733)
at
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1197)
at
org.apache.directory.server.core.operational.OperationalAttributeInterceptor.add(OperationalAttributeInterceptor.java:241)
at
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1197)
at
org.apache.directory.server.core.changelog.ChangeLogInterceptor.add(ChangeLogInterceptor.java:109)
at
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1197)
at
org.apache.directory.server.core.exception.ExceptionInterceptor.add(ExceptionInterceptor.java:212)
at
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1197)
at
org.apache.directory.server.core.interceptor.BaseInterceptor.add(BaseInterceptor.java:130)
at
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1197)
at
org.apache.directory.server.core.authz.AciAuthorizationInterceptor.add(AciAuthorizationInterceptor.java:436)
at
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1197)
at
org.apache.directory.server.core.referral.ReferralInterceptor.add(ReferralInterceptor.java:243)
at
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1197)
at
org.apache.directory.server.core.authn.AuthenticationInterceptor.add(AuthenticationInterceptor.java:213)
at
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1197)
at
org.apache.directory.server.core.normalization.NormalizationInterceptor.add(NormalizationInterceptor.java:118)
at
org.apache.directory.server.core.interceptor.InterceptorChain.add(InterceptorChain.java:757)
at
org.apache.directory.server.core.DefaultOperationManager.add(DefaultOperationManager.java:261)
at
org.apache.directory.server.core.DefaultCoreSession.add(DefaultCoreSession.java:145)
at
org.apache.directory.server.core.DefaultCoreSession.add(DefaultCoreSession.java:122)
at org.wileynet.slinad.embedded.EmbeddedADS.addUser(EmbeddedADS.java:255)
at
org.wileynet.slinad.embedded.EmbeddedADS.populateDirectory(EmbeddedADS.java:228)
at
org.wileynet.slinad.embedded.EmbeddedADS.addDefaultSuffixIfNotAvailable(EmbeddedADS.java:215)
at org.wileynet.slinad.embedded.EmbeddedADS.<init>(EmbeddedADS.java:135)
at org.wileynet.slinad.embedded.EmbeddedADS.main(EmbeddedADS.java:341)

>
> > If I add an entry manually though the Directory Studio, I now get this
> error
> > from kinit:
> > kinit: KDC has no support for padata type while getting initial
> credentials
> > and this from ADS:
> > 358279 [NioDatagramAcceptor-3] WARN
> > org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler  -
> KDC
> > has no support for padata type (16)
> >
> > and... what does that mean? I'll be looking around for it, but I've never
> > seen the term padata before, and I've read a good bit on Kerberos.
>
> If you like to read RFCs: RFC 4120, section 5.2.7.
>

I sometimes enjoy reading RFC's, but I always hate how they're raw text
documents that have built-in pagination. That always seemed like a bad idea
to me. </RandomComplaint>
I'll take a look.

Thanks,
Andrew Wiley

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message