https://issues.apache.org/bugzilla/show_bug.cgi?id=55570
Bug ID: 55570 Summary: SpnegoAuthenticator: Resource file is missing placeholders for exceptions. Product: Tomcat 7 Version: 7.0.29 Hardware: PC Status: NEW Severity: normal Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: sanderhartogen...@gmail.com In java/org/apache/catalina/authenticator/SpnegoAuthenticator.java problems are logged with an exception. The exception does not show up in the logging. The exception only shows up if I hack java/org/apache/catalina/authenticator/LocalStrings.properties in catalina.jar, and add a placeholder. REPRODUCE: - Configure SP-NEGO with Kerberos. - Mess up your principal in com.sun.security.jgss.krb5.accept in jaas.config. - Try to login. - See that you get something like: FINE [org.apache.catalina.authenticator.SpnegoAuthenticator authenticate] Failed to validate client supplied ticket FIX: In java/org/apache/catalina/authenticator/LocalStrings.properties please add [{0}] to the following lines: spnegoAuthenticator.ticketValidateFail=Failed to validate client supplied ticket spnegoAuthenticator.serviceLoginFail=Unable to login as the service principal In SpnegoAuthenticator.java you can verify that exceptions are indeed passed to the log. VALIDATE: - Reproduce again - See that you now get Failed to validate client supplied ticket [GSSException: Failure unspecified at GSS-API level (Mechanism level: Invalid argument (400) - Cannot find key of appropriate type to decrypt AP REP - RC4 with HMAC)] The exception is not super-helpful, but at least it's something. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org