Stephan Austermühle created DIRSTUDIO-1103:
----------------------------------------------
Summary: Unable to obtain Principal Name for authentication on
Windows
Key: DIRSTUDIO-1103
URL: https://issues.apache.org/jira/browse/DIRSTUDIO-1103
Project: Directory Studio
Issue Type: Bug
Components: studio-connection
Affects Versions: 2.0.0-M10 (2.0.0.v20151221-M10)
Environment: Windows
Reporter: Stephan Austermühle
Priority: Minor
On a Windows desktop joined to an Active Directory domain it is not possible to
use Single Sign-On using GSSAPI/Kerberos. This is the reported exception when
checking authentication in the New LDAP Connection wizzard:
{noformat}
The authentication failed
- javax.security.auth.login.LoginException: Unable to obtain Principal Name
for authentication
org.apache.directory.api.ldap.model.exception.LdapException:
javax.security.auth.login.LoginException: Unable to obtain Principal Name for
authentication
at
org.apache.directory.ldap.client.api.LdapNetworkConnection.bindAsync(LdapNetworkConnection.java:1657)
at
org.apache.directory.ldap.client.api.LdapNetworkConnection.bind(LdapNetworkConnection.java:1543)
at
org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$2.run(DirectoryApiConnectionWrapper.java:444)
at
org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.runAndMonitor(DirectoryApiConnectionWrapper.java:1171)
at
org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.doBind(DirectoryApiConnectionWrapper.java:457)
at
org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.bind(DirectoryApiConnectionWrapper.java:303)
at
org.apache.directory.studio.connection.core.jobs.CheckBindRunnable.run(CheckBindRunnable.java:79)
at
org.apache.directory.studio.connection.ui.RunnableContextRunner$1.run(RunnableContextRunner.java:127)
at
org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:122)
Caused by: javax.security.auth.login.LoginException: Unable to obtain Principal
Name for authentication
at com.sun.security.auth.module.Krb5LoginModule.promptForName(Unknown
Source)
at
com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Unknown
Source)
at com.sun.security.auth.module.Krb5LoginModule.login(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at javax.security.auth.login.LoginContext.invoke(Unknown Source)
at javax.security.auth.login.LoginContext.access$000(Unknown Source)
at javax.security.auth.login.LoginContext$4.run(Unknown Source)
at javax.security.auth.login.LoginContext$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(Unknown Source)
at javax.security.auth.login.LoginContext.login(Unknown Source)
at
org.apache.directory.ldap.client.api.LdapNetworkConnection.bindAsync(LdapNetworkConnection.java:1644)
... 8 more
javax.security.auth.login.LoginException: Unable to obtain Principal Name for
authentication
{noformat}
With other applications (Windows, Web browsers) SSO works flawlessly (on
Kerberos enabled servers, of course).
Thanks for your help.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
