directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <elecha...@gmail.com>
Subject Re: [ApacheDS] "Pre-authentication information was invalid " error
Date Sat, 05 Jun 2010 08:54:05 GMT
On 6/5/10 4:04 AM, Snake wrote:
> Greetings
>
> I've set up ApacheDS in a remote machine, and activated its Kerberos 
> service. I'm trying to test it using the client/server "hello world" 
> made by java monkey, available in this link: 
> http://thejavamonkey.blogspot.com/2008/04/clientserver-hello-world-in-kerberos.html 
>
>
> I was managing to get it to work in my local machine - both the kdc 
> and the demo were running in my computer. But when I installed 
> ApacheDS in a remote host, with the same server.xml file, the demo 
> didn't work anymore. I started getting this "Pre-authentication 
> information was invalid " error. To make sure the problem was due to 
> the demo and the kdc being in diferente machines, I installed the demo 
> in the remote machine where I also installed the kdc, I run it there, 
> and it got back to work properly. It seems that both the demo and kdc 
> need to be in the same machine.
>
> I assume that if I get to disable the pre-authentication I can get 
> past this issue. I consulted the online documentation, and I assume 
> that I need to put something like this in the server.xml file:
>
> <bean id="kdcConfiguration" 
> class="org.apache.directory.server.kerberos.kdc.KdcConfiguration">
> <property name="paEncTimestampRequired" value="false" />
> </bean>
>
> The problem is, I don't know where this should be inside the file. 
> Could anyone give me a hint about where to put this configuration, or 
> how to resolve this issue in another way? I really need to get this 
> thing to work :\
>
> Thanks in advance.
>
Sorry for the missing documentation :/ It's *really* lagging here... 
Time is an expensive resource !

So you have to put it in the kdcServer part of the server.xml file :

<kdcServer id="kdcServer" paEncTimestampRequired="false">
<transports>
<tcpTransport port="60088" nbThreads="4" backLog="50"/>
<udpTransport port="60088" nbThreads="4" backLog="50"/>
</transports>
<directoryService>#directoryService</directoryService>

</kdcServer>


-- 
Regards,
Cordialement,
Emmanuel L├ęcharny
www.nextury.com



Mime
View raw message