GSSAPI Binds to Directory Studio

Fri, 17 Dec 2010 15:29:29 -0800 

Hello,

I am trying to make a GSSAPI bind to an OpenLDAP directory server
using Directory Studio.  When I setup a connection I specify 'Use
native TGT' and 'Use native system configuration'.  When I try and
attempt I get the failure:

Error while opening connection
 javax.naming.NamingException [Root exception is 
javax.security.auth.login.LoginException: Unable to obtain Princpal Name for 
authentication ]
        at 
org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.doGssapiBind(JNDIConnectionWrapper.java:1153)
        at 
org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.access$700(JNDIConnectionWrapper.java:106)
        at 
org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper$7.run(JNDIConnectionWrapper.java:1041)
        at 
org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.runAndMonitor(JNDIConnectionWrapper.java:1272)
        at 
org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.doBind(JNDIConnectionWrapper.java:1065)
        at 
org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.bind(JNDIConnectionWrapper.java:254)
        at 
org.apache.directory.studio.connection.core.jobs.OpenConnectionsRunnable.run(OpenConnectionsRunnable.java:114)
        at 
org.apache.directory.studio.connection.core.jobs.StudioConnectionJob.run(StudioConnectionJob.java:114)
        at org.eclipse.core.internal.jobs.Worker.run(Worker.java:55)
Caused by: javax.security.auth.login.LoginException: Unable to obtain Princpal 
Name for authentication
        at 
com.sun.security.auth.module.Krb5LoginModule.promptForName(Krb5LoginModule.java:750)
        at 
com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:646)
        at 
com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:559)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:616)
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784)
        at 
javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696)
        at java.security.AccessController.doPrivileged(Native Method)
        at 
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695)
        at javax.security.auth.login.LoginContext.login(LoginContext.java:594)
        at 
org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.doGssapiBind(JNDIConnectionWrapper.java:1149)
        ... 8 more

 javax.naming.NamingException [Root exception is 
javax.security.auth.login.LoginException: Unable to obtain Princpal Name for 
authentication ]

Looks like Directory Studio is not finding my ticket cache.  I would
expect it to follow the KRB5CCNAME environment variable.  Is there
some other way to point Directory Studio at my ticket cache?

Thanks in advance,

Bill

--

Bill MacAllister
Infrastructure Delivery Group, Stanford University

Reply via email to