Hello
We are having Desktop SSO for an application hosted on tomcat. The Desktop =
SSO
uses kerberos authentication. We are using spnego.sourceforge.net solution =
for
enabling SSO on tomcat end. Now, desktop SSO works charm.
Now we would like to front tomcat with APache and use mod_jk for connecting=
. We
have Apache 2.2.15, mod_jk 1.2.30 on Tomcat 6.0.24. As such apache & mod_jk=
is
working fine with tomcat when SSO is turned off on tomcat i.e apache and mo=
d_jk
have been configured properly.
When i turn on SSO on tomcat, i get error when going through Apache but whe=
n i
hit tomcat directly i don't get any error.
Here is the error i'm getting
GSSException: Failure unspecified at GSS-API level (Mechanism level: Checks=
um
failed)
sun.security.jgss.krb5.Krb5Context.acceptSecContext(Unknown Source)
sun.security.jgss.GSSContextImpl.acceptSecContext(Unknown Source)
sun.security.jgss.GSSContextImpl.acceptSecContext(Unknown Source)
sun.security.jgss.spnego.SpNegoContext.GSS_acceptSecContext(Unknown Sou=
rce)
sun.security.jgss.spnego.SpNegoContext.acceptSecContext(Unknown Source)
sun.security.jgss.GSSContextImpl.acceptSecContext(Unknown Source)
sun.security.jgss.GSSContextImpl.acceptSecContext(Unknown Source)
Does it mean that i need to tweak some configuration on apache and mod_jk t=
o
work with tomcat when sso is enabled?
Please help
Regards
KB
|