Hi,
Thank you for the response.
The initial setup of the spn and the keytab was without the port-number, the
registry key was a suggestion found on internet but this setting does not
change the outcome.
The command kinit on the Tomcat server returns the following
C:\MyPrograms\Tomcat7\conf>set KRB5_CONFIG=C:\MyPrograms\Tomcat7\conf\krb5.conf
C:\MyPrograms\Tomcat7\conf>c:\MyPrograms\Java\jdk1.7.0_60\bin\kinit -J-Djava.sec
urity.krb5.conf=C:\MyPrograms\Tomcat7\conf\krb5.conf -J-Djava.security.auth.logi
n.config=C:\MyPrograms\Tomcat7\conf\jaas.conf -J-Dsun.security.krb5.debug=true -
k -t C:\MyPrograms\Tomcat7\conf\tomcat8080.keytab HTTP/v3tcat4ad.assai.nl:8080@A
SSAI.NL
>>>KinitOptions cache name is C:\Users\TestUser\krb5cc_testuser
Principal is HTTP/v3tcat4ad.assai.nl:8...@assai.nl
>>> Kinit using keytab
>>> Kinit keytab file name: C:\MyPrograms\Tomcat7\conf\tomcat8080.keytab
Java config name: C:\MyPrograms\Tomcat7\conf\krb5.conf
Loaded from Java config
>>> Kinit realm name is ASSAI.NL
>>> Creating KrbAsReq
>>> KrbKdcReq local addresses for V3TCAT4AD are:
V3TCAT4AD/10.1.0.67
IPv4 address
V3TCAT4AD/fe80:0:0:0:d815:81c0:97e7:11d2%11
IPv6 address
>>> KdcAccessibility: reset
>>> KeyTabInputStream, readName(): ASSAI.NL
>>> KeyTabInputStream, readName(): HTTP
>>> KeyTabInputStream, readName(): v3tcat4ad.assai.nl:8080
>>> KeyTab: load() entry length: 72; type: 23
Added key: 23version: 0
Ordering keys wrt default_tkt_enctypes list
default etypes for default_tkt_enctypes: 23 18 17.
default etypes for default_tkt_enctypes: 23 18 17.
>>> KrbAsReq creating message
>>> KrbKdcReq send: kdc=v3dom1.assai.nl UDP:88, timeout=30000, number of retries
=3, #bytes=198
>>> KDCCommunication: kdc=v3dom1.assai.nl UDP:88, timeout=30000,Attempt =1, #byt
es=198
>>> KrbKdcReq send: #bytes read=173
>>>Pre-Authentication Data:
PA-DATA type = 11
PA-ETYPE-INFO etype = 23, salt =
>>>Pre-Authentication Data:
PA-DATA type = 19
PA-ETYPE-INFO2 etype = 23, salt = null, s2kparams = null
>>>Pre-Authentication Data:
PA-DATA type = 2
PA-ENC-TIMESTAMP
>>>Pre-Authentication Data:
PA-DATA type = 16
>>>Pre-Authentication Data:
PA-DATA type = 15
>>> KdcAccessibility: remove v3dom1.assai.nl:88
>>> KDCRep: init() encoding tag is 126 req type is 11
>>>KRBError:
sTime is Thu Oct 23 10:21:31 CEST 2014 1414052491000
suSec is 776700
error code is 25
error Message is Additional pre-authentication required
realm is ASSAI.NL
sname is krbtgt/ASSAI.NL
eData provided.
msgType is 30
>>>Pre-Authentication Data:
PA-DATA type = 11
PA-ETYPE-INFO etype = 23, salt =
>>>Pre-Authentication Data:
PA-DATA type = 19
PA-ETYPE-INFO2 etype = 23, salt = null, s2kparams = null
>>>Pre-Authentication Data:
PA-DATA type = 2
PA-ENC-TIMESTAMP
>>>Pre-Authentication Data:
PA-DATA type = 16
>>>Pre-Authentication Data:
PA-DATA type = 15
KrbAsReqBuilder: PREAUTH FAILED/REQ, re-send AS-REQ
default etypes for default_tkt_enctypes: 23 18 17.
Added key: 23version: 0
Ordering keys wrt default_tkt_enctypes list
default etypes for default_tkt_enctypes: 23 18 17.
Added key: 23version: 0
Ordering keys wrt default_tkt_enctypes list
default etypes for default_tkt_enctypes: 23 18 17.
default etypes for default_tkt_enctypes: 23 18 17.
>>> EType: sun.security.krb5.internal.crypto.ArcFourHmacEType
>>> KrbAsReq creating message
>>> KrbKdcReq send: kdc=v3dom1.assai.nl UDP:88, timeout=30000, number of retries
=3, #bytes=283
>>> KDCCommunication: kdc=v3dom1.assai.nl UDP:88, timeout=30000,Attempt =1, #byt
es=283
>>> KrbKdcReq send: #bytes read=88
>>> KrbKdcReq send: kdc=v3dom1.assai.nl TCP:88, timeout=30000, number of retries
=3, #bytes=283
>>> KDCCommunication: kdc=v3dom1.assai.nl TCP:88, timeout=30000,Attempt =1, #byt
es=283
>>>DEBUG: TCPClient reading 1496 bytes
>>> KrbKdcReq send: #bytes read=1496
>>> KdcAccessibility: remove v3dom1.assai.nl:88
Added key: 23version: 0
Ordering keys wrt default_tkt_enctypes list
default etypes for default_tkt_enctypes: 23 18 17.
>>> EType: sun.security.krb5.internal.crypto.ArcFourHmacEType
>>> KrbAsRep cons in KrbAsReq.getReply HTTP/v3tcat4ad.assai.nl:8080
New ticket is stored in cache file C:\Users\TestUser\krb5cc_testuser
C:\MyPrograms\Tomcat7\conf>klist
Current LogonId is 0:0x13380b5c
Cached Tickets: (0)
Kind regards,
Philippe Wijdh
Senior Programmer
Assai software services BV, Parallelweg Oost 13a, 4103 NC, Culemborg, The
Netherlands
P: +31 (0)345 516 663, E: p.wi...@assai.nl, W: www.assai-software.com
-----Original Message-----
From: Felix Schumacher [mailto:felix.schumac...@internetallee.de]
Sent: donderdag 23 oktober 2014 7:53
To: Tomcat Users List
Subject: Re: Built-in Tomcat Support for Windows Authentication
Am 22. Oktober 2014 11:40:56 MESZ, schrieb Philippe Wijdh <p.wi...@assai.nl>:
>Hello,
>
>We have spent a long time now, trying to set up Apache Tomcat with
>Windows Authentication.
>We followed the instructions as per
>http://tomcat.apache.org/tomcat-7.0-doc/windows-auth-howto.html but we
>cannot make it work properly, the logon dialog keeps appearing and
>trying to log on fails.
>Additional to that we tried suggestions, like adding the registry key
>AllowTgtSessionKey and setting it to 0x01
Haven't seen that recommendation in the tomcat documentation.
>Seems like we are close but we are missing something (see tomcat output
>below)
>Does anyone have a more complete documentation or have any suggestions
>on how to make this work.
>
>
>Kind regards,
>
>Philippe Wijdh
>
>
>
>Extra information on the setup:
>
>Windows 2008 r2 sp1
>Apache Tomcat 7.0.54
>jdk1.7.0_60
>
>Tomcat is running as a service using account
>HTTP/v3tcat4ad.assai.nl:8080 (have created spn with and without the
>port number, does not make a difference)
You will have to use the spn without the port.
>
>Test is done with user testu...@assai.nl<mailto:testu...@assai.nl> in
>IE11 on different machines, with http://v3tcat4ad.assai.nl explicitly
>added to the Intranet sites.
>
>
>
>Tomcat Output:
>
>>>> KeyTabInputStream, readName(): ASSAI.NL KeyTabInputStream,
>>>> readName(): HTTP KeyTabInputStream, readName():
>>>> v3tcat4ad.assai.nl:8080
What is inside your keytab?
>>>> KeyTab: load() entry length: 72; type: 23
>Java config name: C:\MyPrograms\Tomcat7\conf\krb5.conf
>Loaded from Java config
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>>>> KdcAccessibility: reset
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>default etypes for default_tkt_enctypes: 23 18 17.
>>>> KrbAsReq creating message
>>>> KrbKdcReq send: kdc=v3dom1.assai.nl UDP:88, timeout=30000, number
>of retries =3, #bytes=152
>>>> KDCCommunication: kdc=v3dom1.assai.nl UDP:88, timeout=30000,Attempt
>=1, #bytes=152
>>>> KrbKdcReq send: #bytes read=173
>>>>Pre-Authentication Data:
> PA-DATA type = 11
> PA-ETYPE-INFO etype = 23, salt =
>
>>>>Pre-Authentication Data:
> PA-DATA type = 19
> PA-ETYPE-INFO2 etype = 23, salt = null, s2kparams = null
>
>>>>Pre-Authentication Data:
> PA-DATA type = 2
> PA-ENC-TIMESTAMP
>>>>Pre-Authentication Data:
> PA-DATA type = 16
>
>>>>Pre-Authentication Data:
> PA-DATA type = 15
>
>>>> KdcAccessibility: remove v3dom1.assai.nl:88
>>>> KDCRep: init() encoding tag is 126 req type is 11
>>>>KRBError:
> sTime is Wed Oct 22 09:53:56 CEST 2014 1413964436000
> suSec is 403143
> error code is 25
> error Message is Additional pre-authentication required
> realm is ASSAI.NL
> sname is krbtgt/ASSAI.NL
> eData provided.
> msgType is 30
>>>>Pre-Authentication Data:
> PA-DATA type = 11
> PA-ETYPE-INFO etype = 23, salt =
>
>>>>Pre-Authentication Data:
> PA-DATA type = 19
> PA-ETYPE-INFO2 etype = 23, salt = null, s2kparams = null
>
>>>>Pre-Authentication Data:
> PA-DATA type = 2
> PA-ENC-TIMESTAMP
>>>>Pre-Authentication Data:
> PA-DATA type = 16
>
>>>>Pre-Authentication Data:
> PA-DATA type = 15
>
>KrbAsReqBuilder: PREAUTH FAILED/REQ, re-send AS-REQ default etypes for
>default_tkt_enctypes: 23 18 17.
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>default etypes for default_tkt_enctypes: 23 18 17.
>>>> EType: sun.security.krb5.internal.crypto.ArcFourHmacEType
>>>> KrbAsReq creating message
>>>> KrbKdcReq send: kdc=v3dom1.assai.nl UDP:88, timeout=30000, number
>of retries =3, #bytes=235
>>>> KDCCommunication: kdc=v3dom1.assai.nl UDP:88, timeout=30000,Attempt
>=1, #bytes=235
>>>> KrbKdcReq send: #bytes read=1446
>>>> KdcAccessibility: remove v3dom1.assai.nl:88
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>>>> EType: sun.security.krb5.internal.crypto.ArcFourHmacEType
>>>> KrbAsRep cons in KrbAsReq.getReply HTTP/v3tcat4ad.assai.nl:8080
This is the wrong spn. The port number should not be there.
Regards
Felix
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>Search Subject for SPNEGO ACCEPT cred (<<DEF>>,
>sun.security.jgss.spnego.SpNegoCredElement)
>Search Subject for Kerberos V5 ACCEPT cred (<<DEF>>,
>sun.security.jgss.krb5.Krb5AcceptCredential)
>Found KeyTab
>Found KerberosKey for HTTP/v3tcat4ad.assai.nl:8...@assai.nl
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>default etypes for default_tkt_enctypes: 23 18 17.
>>>> KrbAsReq creating message
>>>> KrbKdcReq send: kdc=v3dom1.assai.nl UDP:88, timeout=30000, number
>of retries =3, #bytes=152
>>>> KDCCommunication: kdc=v3dom1.assai.nl UDP:88, timeout=30000,Attempt
>=1, #bytes=152
>>>> KrbKdcReq send: #bytes read=173
>>>>Pre-Authentication Data:
> PA-DATA type = 11
> PA-ETYPE-INFO etype = 23, salt =
>
>>>>Pre-Authentication Data:
> PA-DATA type = 19
> PA-ETYPE-INFO2 etype = 23, salt = null, s2kparams = null
>
>>>>Pre-Authentication Data:
> PA-DATA type = 2
> PA-ENC-TIMESTAMP
>>>>Pre-Authentication Data:
> PA-DATA type = 16
>
>>>>Pre-Authentication Data:
> PA-DATA type = 15
>
>>>> KdcAccessibility: remove v3dom1.assai.nl:88
>>>> KDCRep: init() encoding tag is 126 req type is 11
>>>>KRBError:
> sTime is Wed Oct 22 09:54:12 CEST 2014 1413964452000
> suSec is 996893
> error code is 25
> error Message is Additional pre-authentication required
> realm is ASSAI.NL
> sname is krbtgt/ASSAI.NL
> eData provided.
> msgType is 30
>>>>Pre-Authentication Data:
> PA-DATA type = 11
> PA-ETYPE-INFO etype = 23, salt =
>
>>>>Pre-Authentication Data:
> PA-DATA type = 19
> PA-ETYPE-INFO2 etype = 23, salt = null, s2kparams = null
>
>>>>Pre-Authentication Data:
> PA-DATA type = 2
> PA-ENC-TIMESTAMP
>>>>Pre-Authentication Data:
> PA-DATA type = 16
>
>>>>Pre-Authentication Data:
> PA-DATA type = 15
>
>KrbAsReqBuilder: PREAUTH FAILED/REQ, re-send AS-REQ default etypes for
>default_tkt_enctypes: 23 18 17.
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>default etypes for default_tkt_enctypes: 23 18 17.
>>>> EType: sun.security.krb5.internal.crypto.ArcFourHmacEType
>>>> KrbAsReq creating message
>>>> KrbKdcReq send: kdc=v3dom1.assai.nl UDP:88, timeout=30000, number
>of retries =3, #bytes=235
>>>> KDCCommunication: kdc=v3dom1.assai.nl UDP:88, timeout=30000,Attempt
>=1, #bytes=235
>>>> KrbKdcReq send: #bytes read=1446
>>>> KdcAccessibility: remove v3dom1.assai.nl:88
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>>>> EType: sun.security.krb5.internal.crypto.ArcFourHmacEType
>>>> KrbAsRep cons in KrbAsReq.getReply HTTP/v3tcat4ad.assai.nl:8080
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>Search Subject for SPNEGO ACCEPT cred (<<DEF>>,
>sun.security.jgss.spnego.SpNegoCredElement)
>Search Subject for Kerberos V5 ACCEPT cred (<<DEF>>,
>sun.security.jgss.krb5.Krb5AcceptCredential)
>Found KeyTab
>Found KerberosKey for HTTP/v3tcat4ad.assai.nl:8...@assai.nl
>Entered Krb5Context.acceptSecContext with state=STATE_NEW Added key:
>23version: 0 Ordering keys wrt default_tkt_enctypes list default etypes
>for default_tkt_enctypes: 23 18 17.
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>default etypes for default_tkt_enctypes: 23 18 17.
>>>> KrbAsReq creating message
>>>> KrbKdcReq send: kdc=v3dom1.assai.nl UDP:88, timeout=30000, number
>of retries =3, #bytes=152
>>>> KDCCommunication: kdc=v3dom1.assai.nl UDP:88, timeout=30000,Attempt
>=1, #bytes=152
>>>> KrbKdcReq send: #bytes read=173
>>>>Pre-Authentication Data:
> PA-DATA type = 11
> PA-ETYPE-INFO etype = 23, salt =
>
>>>>Pre-Authentication Data:
> PA-DATA type = 19
> PA-ETYPE-INFO2 etype = 23, salt = null, s2kparams = null
>
>>>>Pre-Authentication Data:
> PA-DATA type = 2
> PA-ENC-TIMESTAMP
>>>>Pre-Authentication Data:
> PA-DATA type = 16
>
>>>>Pre-Authentication Data:
> PA-DATA type = 15
>
>>>> KdcAccessibility: remove v3dom1.assai.nl:88
>>>> KDCRep: init() encoding tag is 126 req type is 11
>>>>KRBError:
> sTime is Wed Oct 22 09:54:56 CEST 2014 1413964496000
> suSec is 543768
> error code is 25
> error Message is Additional pre-authentication required
> realm is ASSAI.NL
> sname is krbtgt/ASSAI.NL
> eData provided.
> msgType is 30
>>>>Pre-Authentication Data:
> PA-DATA type = 11
> PA-ETYPE-INFO etype = 23, salt =
>
>>>>Pre-Authentication Data:
> PA-DATA type = 19
> PA-ETYPE-INFO2 etype = 23, salt = null, s2kparams = null
>
>>>>Pre-Authentication Data:
> PA-DATA type = 2
> PA-ENC-TIMESTAMP
>>>>Pre-Authentication Data:
> PA-DATA type = 16
>
>>>>Pre-Authentication Data:
> PA-DATA type = 15
>
>KrbAsReqBuilder: PREAUTH FAILED/REQ, re-send AS-REQ default etypes for
>default_tkt_enctypes: 23 18 17.
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>default etypes for default_tkt_enctypes: 23 18 17.
>>>> EType: sun.security.krb5.internal.crypto.ArcFourHmacEType
>>>> KrbAsReq creating message
>>>> KrbKdcReq send: kdc=v3dom1.assai.nl UDP:88, timeout=30000, number
>of retries =3, #bytes=235
>>>> KDCCommunication: kdc=v3dom1.assai.nl UDP:88, timeout=30000,Attempt
>=1, #bytes=235
>>>> KrbKdcReq send: #bytes read=1446
>>>> KdcAccessibility: remove v3dom1.assai.nl:88
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>>>> EType: sun.security.krb5.internal.crypto.ArcFourHmacEType
>>>> KrbAsRep cons in KrbAsReq.getReply HTTP/v3tcat4ad.assai.nl:8080
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>Search Subject for SPNEGO ACCEPT cred (<<DEF>>,
>sun.security.jgss.spnego.SpNegoCredElement)
>Search Subject for Kerberos V5 ACCEPT cred (<<DEF>>,
>sun.security.jgss.krb5.Krb5AcceptCredential)
>Found KeyTab
>Found KerberosKey for HTTP/v3tcat4ad.assai.nl:8...@assai.nl
>09:55:00.008 [QuartzScheduler_Worker-1] DEBUG
>org.quartz.core.JobRunShell - Calling execute on job DEFAULT.reportsJob
>09:55:00.008 [QuartzScheduler_Worker-1] DEBUG
>org.quartz.core.JobRunShell - Calling execute on job DEFAULT.reportsJob
>Added key: 23version: 0 Ordering keys wrt default_tkt_enctypes list
>default etypes for default_tkt_enctypes: 23 18 17.
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>default etypes for default_tkt_enctypes: 23 18 17.
>>>> KrbAsReq creating message
>>>> KrbKdcReq send: kdc=v3dom1.assai.nl UDP:88, timeout=30000, number
>of retries =3, #bytes=152
>>>> KDCCommunication: kdc=v3dom1.assai.nl UDP:88, timeout=30000,Attempt
>=1, #bytes=152
>>>> KrbKdcReq send: #bytes read=173
>>>>Pre-Authentication Data:
> PA-DATA type = 11
> PA-ETYPE-INFO etype = 23, salt =
>
>>>>Pre-Authentication Data:
> PA-DATA type = 19
> PA-ETYPE-INFO2 etype = 23, salt = null, s2kparams = null
>
>>>>Pre-Authentication Data:
> PA-DATA type = 2
> PA-ENC-TIMESTAMP
>>>>Pre-Authentication Data:
> PA-DATA type = 16
>
>>>>Pre-Authentication Data:
> PA-DATA type = 15
>
>>>> KdcAccessibility: remove v3dom1.assai.nl:88
>>>> KDCRep: init() encoding tag is 126 req type is 11
>>>>KRBError:
> sTime is Wed Oct 22 09:55:15 CEST 2014 1413964515000
> suSec is 715643
> error code is 25
> error Message is Additional pre-authentication required
> realm is ASSAI.NL
> sname is krbtgt/ASSAI.NL
> eData provided.
> msgType is 30
>>>>Pre-Authentication Data:
> PA-DATA type = 11
> PA-ETYPE-INFO etype = 23, salt =
>
>>>>Pre-Authentication Data:
> PA-DATA type = 19
> PA-ETYPE-INFO2 etype = 23, salt = null, s2kparams = null
>
>>>>Pre-Authentication Data:
> PA-DATA type = 2
> PA-ENC-TIMESTAMP
>>>>Pre-Authentication Data:
> PA-DATA type = 16
>
>>>>Pre-Authentication Data:
> PA-DATA type = 15
>
>KrbAsReqBuilder: PREAUTH FAILED/REQ, re-send AS-REQ default etypes for
>default_tkt_enctypes: 23 18 17.
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>default etypes for default_tkt_enctypes: 23 18 17.
>>>> EType: sun.security.krb5.internal.crypto.ArcFourHmacEType
>>>> KrbAsReq creating message
>>>> KrbKdcReq send: kdc=v3dom1.assai.nl UDP:88, timeout=30000, number
>of retries =3, #bytes=235
>>>> KDCCommunication: kdc=v3dom1.assai.nl UDP:88, timeout=30000,Attempt
>=1, #bytes=235
>>>> KrbKdcReq send: #bytes read=1446
>>>> KdcAccessibility: remove v3dom1.assai.nl:88
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>>>> EType: sun.security.krb5.internal.crypto.ArcFourHmacEType
>>>> KrbAsRep cons in KrbAsReq.getReply HTTP/v3tcat4ad.assai.nl:8080
>Added key: 23version: 0
>Ordering keys wrt default_tkt_enctypes list default etypes for
>default_tkt_enctypes: 23 18 17.
>Search Subject for SPNEGO ACCEPT cred (<<DEF>>,
>sun.security.jgss.spnego.SpNegoCredElement)
>Search Subject for Kerberos V5 ACCEPT cred (<<DEF>>,
>sun.security.jgss.krb5.Krb5AcceptCredential)
>Found KeyTab
>Found KerberosKey for HTTP/v3tcat4ad.assai.nl:8...@assai.nl
>Entered Krb5Context.acceptSecContext with state=STATE_NEW Added key:
>23version: 0 Ordering keys wrt default_tkt_enctypes list default etypes
>for default_tkt_enctypes: 23 18 17.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
