On 14/05/2015 22:29, Mark Thomas wrote:
On 14/05/2015 21:11, Mark Thomas wrote:
On 29/03/2015 23:13, André Warnier wrote:
David Marsh wrote:
I've tested all the following public JDKs
jdk-7u45-windows-i586.exe
jdk-7u65-windows-i586.exe
jdk-7u75-windows-i586.exe
jdk-8-windows-i586.exe
On 29/03/2015 23:13, André Warnier wrote:
David Marsh wrote:
I've tested all the following public JDKs
jdk-7u45-windows-i586.exe
jdk-7u65-windows-i586.exe
jdk-7u75-windows-i586.exe
jdk-8-windows-i586.exe
jdk-8u5-windows-i586.exe
jdk-8u11-windows-i586.exe
jdk-8u20-windows-i586.exe
On 14/05/2015 21:11, Mark Thomas wrote:
On 29/03/2015 23:13, André Warnier wrote:
David Marsh wrote:
I've tested all the following public JDKs
jdk-7u45-windows-i586.exe
jdk-7u65-windows-i586.exe
jdk-7u75-windows-i586.exe
jdk-8-windows-i586.exe
jdk-8u5-windows-i586.exe
by adding
allow_weak_crypto=true in the krb5.conf.
Regards
Felix
Mark
David
From: dmars...@outlook.com
To: users@tomcat.apache.org
Subject: RE: SPNEGO test configuration with Manager webapp
Date: Fri, 27 Mar 2015 23:40:06 +
By the way Tomcat 8
.exe -- Only this one fails SPNEGO / Bad GSS Token
Seems a recent fix must broken it.
David
Subject: Re: SPNEGO test configuration with Manager webapp
From: felix.schumac...@internetallee.de
Date: Sun, 29 Mar 2015 10:13:29 +0200
To: users
Subject: Re: SPNEGO test configuration with Manager webapp
From: felix.schumac...@internetallee.de
Date: Sun, 29 Mar 2015 10:13:29 +0200
To: users@tomcat.apache.org
Am 28. März 2015 17:46:50 MEZ, schrieb Mark Thomas ma...@apache.org:
On 28/03/2015 14:43, David Marsh wrote:
Ok so I went
authenticate() test
Date: Mon, 30 Mar 2015 00:13:54 +0200
From: a...@ice-sa.com
To: users@tomcat.apache.org
Subject: Re: SPNEGO test configuration with Manager webapp
David Marsh wrote:
I've tested all the following public JDKs
jdk-7u45-windows-i586.exe
jdk
: Mon, 30 Mar 2015 00:13:54 +0200
From: a...@ice-sa.com
To: users@tomcat.apache.org
Subject: Re: SPNEGO test configuration with Manager webapp
David Marsh wrote:
I've tested all the following public JDKs
jdk-7u45-windows-i586.exe
jdk-7u65-windows-i586.exe
jdk-7u75-windows-i586.exe
jdk-8
From: dmars...@outlook.com
To: users@tomcat.apache.org
Subject: RE: SPNEGO test configuration with Manager webapp
Date: Fri, 27 Mar 2015 23:40:06 +
By the way Tomcat 8 was running on JDK :-
C:\Windows\system32java -version
java version 1.8.0_40
Java(TM) SE Runtime
.kerbtest.local/manager/html
I get the same three 401's and the Negotiate.
Date: Thu, 26 Mar 2015 12:11:34 +0100
From: a...@ice-sa.com
To: users@tomcat.apache.org
Subject: Re: SPNEGO test configuration with Manager webapp
David Marsh wrote:
Hi Mark
.
Date: Thu, 26 Mar 2015 12:11:34 +0100
From: a...@ice-sa.com
To: users@tomcat.apache.org
Subject: Re: SPNEGO test configuration with Manager webapp
David Marsh wrote:
Hi Mark,
Thanks for that, yes I've got 30 years windows experience, I can use Linux
this and it works (assuming that all the moving parts are Linux-based).
And there are very few people (and web pages) which span both worlds with their various
combinations.
David
Date: Thu, 26 Mar 2015 09:00:22 +
From: ma...@apache.org
To: users@tomcat.apache.org
Subject: Re: SPNEGO test
On 26/03/2015 00:36, David Marsh wrote:
Still getting :-
java.security.PrivilegedActionException: GSSException: Defective token
detected (Mechanism level: G
SSHeader did not find the right tag)
Folks here mention lack of NegoEx support or bugs in GSS-APi ?
Hi Mark,
Thanks that would be great !
Do you have a good mechanism to test and ensure kerberos token is passed to
tomcat and not NTLM token ?
David
Date: Thu, 26 Mar 2015 09:00:22 +
From: ma...@apache.org
To: users@tomcat.apache.org
Subject: Re: SPNEGO test configuration with Manager
Date: Thu, 26 Mar 2015 09:00:22 +
From: ma...@apache.org
To: users@tomcat.apache.org
Subject: Re: SPNEGO test configuration with Manager webapp
On 26/03/2015 00:36, David Marsh wrote:
Still getting :-
java.security.PrivilegedActionException: GSSException: Defective token
detected
matters. There are probably some hidden caches that get cleared only in
that way.
many thanks
David
Date: Thu, 26 Mar 2015 11:32:39 +0100
From: a...@ice-sa.com
To: users@tomcat.apache.org
Subject: Re: SPNEGO test configuration with Manager webapp
David Marsh wrote:
Hi Mark,
Thanks
@tomcat.apache.org
Subject: Re: SPNEGO test configuration with Manager webapp
On 24/03/2015 20:47, David Marsh wrote:
Hi Felix,
Thanks fort your help!
I have enabled krb5 and gss debug.I altered CATALINA_OPTS in startup.bat and
also added the same definitions to the Java parameters in Configure Tomcat
To: users@tomcat.apache.org
Subject: Re: SPNEGO test configuration with Manager webapp
On 24/03/2015 20:47, David Marsh wrote:
Hi Felix,
Thanks fort your help!
I have enabled krb5 and gss debug.I altered CATALINA_OPTS in startup.bat and
also added the same definitions to the Java parameters
is used).
Felix
Date: Tue, 24 Mar 2015 22:46:15 +
From: ma...@apache.org
To: users@tomcat.apache.org
Subject: Re: SPNEGO test configuration with Manager webapp
On 24/03/2015 20:47, David Marsh wrote:
Hi Felix,
Thanks fort your help!
I have enabled
WWW-Authenticate: Negotiate
I'm not sure how long they should be, but they all end = so expect not
truncated ?
Subject: RE: SPNEGO test configuration with Manager webapp
From: felix.schumac...@internetallee.de
Date: Wed, 25 Mar 2015 17:31:51 +0100
...@internetallee.de
To: users@tomcat.apache.org
Subject: RE: SPNEGO test configuration with Manager webapp
Am 25.03.2015 16:09, schrieb David Marsh:
Put keytab in c:\keytab\tomcat.keytab, ensured owner was
tc01@KERTEST.LOCAL, still same symptoms.
Ran klist on client after firefox test and the three 401
:10 +0100
From: felix.schumac...@internetallee.de
To: users@tomcat.apache.org
Subject: RE: SPNEGO test configuration with Manager webapp
Am 25.03.2015 16:09, schrieb David Marsh:
Put keytab in c:\keytab\tomcat.keytab, ensured owner was
tc01@KERTEST.LOCAL, still same symptoms.
Ran klist
)
From: dmars...@outlook.com
To: users@tomcat.apache.org
Subject: RE: SPNEGO test configuration with Manager webapp
Date: Wed, 25 Mar 2015 16:50:47 +
Its possible I guess, although I would not expect that.
The test is :-
Client Test Windows 8.1 VM
Server..
Man, this thing is really a nightmare, isn't it ?
From: dmars...@outlook.com
To: users@tomcat.apache.org
Subject: RE: SPNEGO test configuration with Manager webapp
Date: Wed, 25 Mar 2015 16:50:47 +
Its possible I guess, although I would
: RE: SPNEGO test configuration with Manager webapp
Date: Wed, 25 Mar 2015 16:50:47 +
Its possible I guess, although I would not expect that.
The test is :-
Client Test Windows 8.1 VM with Firefox - Tomcat Server Windows 8.1 VM
Firefox is not configured to use a proxy, its all in Vmware
Subject: Re: SPNEGO test configuration with Manager webapp
Felix Schumacher wrote:
Am 25.03.2015 um 20:19 schrieb André Warnier:
David Marsh wrote:
Javas version of kinit seems to report issue ?
C:\Program Files\Apache Software Foundation\Tomcat
8.0\confC:\Program Files\Ja
va\jdk1.8.0_40
to the ktpass call (as in
https://community.oracle.com/thread/1527560).
Felix
From: dmars...@outlook.com
To: users@tomcat.apache.org
Subject: RE: SPNEGO test configuration with Manager webapp
Date: Wed, 25 Mar 2015 16:50:47 +
Its possible I guess
...@outlook.com
To: users@tomcat.apache.org
Subject: RE: SPNEGO test configuration with Manager webapp
Date: Wed, 25 Mar 2015 16:50:47 +
Its possible I guess, although I would not expect that.
The test is :-
Client Test Windows 8.1 VM with Firefox - Tomcat Server Windows 8.1 VM
Firefox
in
KrbAsReq.getReply HTTP/win-tc01.kerbtest.localNew ticket is stored in cache
file C:\Users\tc01.KERBTEST\krb5cc_tc01
From: dmars...@outlook.com
To: users@tomcat.apache.org
Subject: RE: SPNEGO test configuration with Manager webapp
Date: Wed, 25 Mar 2015 22:26:22 +
Turns out to use the Java
.internal.ASRep.init(Unknown Source)
at sun.security.krb5.internal.ASRep.init(Unknown Source)
... 5 more
From: dmars...@outlook.com
To: users@tomcat.apache.org
Subject: RE: SPNEGO test configuration with Manager webapp
Date: Wed, 25 Mar 2015 21:19:30
Kerberos, depend on the versions of both Java and Windows Server..
Man, this thing is really a nightmare, isn't it ?
From: dmars...@outlook.com
To: users@tomcat.apache.org
Subject: RE: SPNEGO test configuration with Manager webapp
Date: Wed, 25 Mar 2015
Does Tomcat 8 work with NegoEx ?
Is Windows 8.1 and Windows Server 2012 RC2 supported ?
many thanks
David
From: dmars...@outlook.com
To: users@tomcat.apache.org
Subject: RE: SPNEGO test configuration with Manager webapp
Date: Thu, 26 Mar 2015 00:18:11 +
With the correct keytab and krb5
David Marsh wrote:
Hello,
I'm trying to get SPNEGO authentication working with Tomcat 8.
I've followed the guidelines on the website.
jaas.conf
com.sun.security.jgss.krb5.initiate {...};
com.sun.security.jgss.krb5.accept {com.sun.security.auth.module.Krb5LoginModule required
@tomcat.apache.org
Subject: Re: SPNEGO test configuration with Manager webapp
Am 24.03.2015 um 21:25 schrieb David Marsh:
Everything is as described and still not working, except the jaas.conf is :-
com.sun.security.jgss.krb5.initiate {
com.sun.security.auth.module.Krb5LoginModule
Software Foundation/Tomcat
8.0/conf/tomcat.keytab
storeKey=true;
};
In other words the principal is the tomcat server as it should be.
Date: Tue, 24 Mar 2015 21:17:59 +0100
From: felix.schumac...@internetallee.de
To: users@tomcat.apache.org
Subject: Re: SPNEGO test configuration with Manager webapp
I was using Internet explorer and had added the ip address of to domain
controller/ tomcat server to the trusted sites list in the Intranet zone.I was
not using https.I was using a Windows 8 client VM to talk to a Windows Server
2012 VM.
I have now tried Firefox with SPNEGO and can confirm with
On 24/03/2015 15:17, David Marsh wrote:
snip/
SPNEGO is fickle. Sometimes the smallest change can cause problems.
Set up a test environment as close to the How-To as possible. You should
definitely be using three separate machines (or VMs).
Get this working. If your test environment doesn't
be a good tool on both, to list what's there and compare.
David
Date: Tue, 24 Mar 2015 21:39:38 +0100
From: felix.schumac...@internetallee.de
To: users@tomcat.apache.org
Subject: Re: SPNEGO test configuration with Manager webapp
Am 24.03.2015 um 21:25 schrieb David Marsh:
Everything
@tomcat.apache.org
Subject: Re: SPNEGO test configuration with Manager webapp
Am 24.03.2015 um 21:05 schrieb David Marsh:
Sorry thats :-
principal=HTTP/win-tc01.kerbtest.local@KERBTEST.LOCAL
under jaas.conf, it is set to the tomcat server DNS.
Is it working with this configuration, or just
: felix.schumac...@internetallee.de
To: users@tomcat.apache.org
Subject: Re: SPNEGO test configuration with Manager webapp
Am 24.03.2015 um 21:25 schrieb David Marsh:
Everything is as described and still not working, except the jaas.conf is :-
com.sun.security.jgss.krb5.initiate
be.
Date: Tue, 24 Mar 2015 21:17:59 +0100
From: felix.schumac...@internetallee.de
To: users@tomcat.apache.org
Subject: Re: SPNEGO test configuration with Manager webapp
Am 24.03.2015 um 21:05 schrieb David Marsh:
Sorry thats :-
principal=HTTP/win-tc01.kerbtest.local@KERBTEST.LOCAL
Am 24.03.2015 um 21:02 schrieb David Marsh:
I'm trying to get SPNEGO authentication working with Tomcat 8.
I've created three Windows VMs :-
Tomcat Server - Windows 8.1 32 bit VM
Test Client - Windows 8.1 32 bit VM
Domain Controller - Windows Server 2012 R2 64 bit VM
The Tomcat Server and the
Files/Apache Software Foundation/Tomcat
8.0/conf/tomcat.keytab
storeKey=true;
};
In other words the principal is the tomcat server as it should be.
Date: Tue, 24 Mar 2015 21:17:59 +0100
From: felix.schumac...@internetallee.de
To: users@tomcat.apache.org
Subject: Re: SPNEGO test configuration
Sorry thats :-
principal=HTTP/win-tc01.kerbtest.local@KERBTEST.LOCAL
under jaas.conf, it is set to the tomcat server DNS.
From: dmars...@outlook.com
To: users@tomcat.apache.org
Subject: SPNEGO test configuration with Manager webapp
Date: Tue, 24 Mar
Am 24.03.2015 um 21:05 schrieb David Marsh:
Sorry thats :-
principal=HTTP/win-tc01.kerbtest.local@KERBTEST.LOCAL
under jaas.conf, it is set to the tomcat server DNS.
Is it working with this configuration, or just to point out, that you
copied the wrong jaas.conf for the mail?
Felix
I copied old config file to mail yes.
Date: Tue, 24 Mar 2015 21:17:59 +0100
From: felix.schumac...@internetallee.de
To: users@tomcat.apache.org
Subject: Re: SPNEGO test configuration with Manager webapp
Am 24.03.2015 um 21:05 schrieb David Marsh
46 matches
Mail list logo
