tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier>
Subject Re: Help needed with SpnegoAuthenticator authentication
Date Fri, 15 Nov 2013 21:26:58 GMT
chris wrote:

> When testing see Log dump --->
>   Nov 14, 2013 10:04:50 PM org.apache.catalina.authenticator.SpnegoAuthenticator
> authenticate
>   SEVERE: Unable to login as the service principal
> Unable to obtain password from user
>             at
> Source)
>             at
I am not a Kerberos specialist, but why would the above 2 lines be there ?
The whole point of SSO normally, is to not have to promt the user for a login/password, 
and get the authentication directly from the logged-in workstation.
In a Windows-domain-style SSO, the fact of prompting the user usually already indicates 
that something (some prior step) is not working as it should.

I would suggest to use a protocol analyser (maybe just a browser plugin) to check what 
really goes on there.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message