0 Replies Latest reply on May 13, 2010 8:34 AM by selvakumars

Unable to create LDAPContext using GSSAPI in Window Server 2008

selvakumars May 13, 2010 8:34 AM

Hi All,

I have following error while creating the LDAP Context for the user that have authenticated using KRB5LoginMOdule. This error occurs after the KRB5LoginModule is suceeded. I have same setup in the window server 2003 that works fine.

My Configuration is

<application-policy name="host">

<login-module code="com.sun.security.auth.module.Krb5LoginModule"

flag="required">

<module-option name="storeKey">true</module-option>

<module-option name="useKeyTab">true</module-option>

<module-option name="principal">HTTP/test14.test2008.com@test2008.com</module-option>

<module-option name="keyTab">C:\prakash\jbossservice.keytab</module-option>

<module-option name="isInitiator">false</module-option>

<module-option name="doNotPrompt">true</module-option>

<module-option name="debug">true</module-option>

</login-module>

</authentication>

</application-policy>

<application-policy name="SPNEGO">

<login-module code="org.jboss.security.negotiation.spnego.SPNEGOLoginModule" flag="requisite">

<module-option name="password-stacking">useFirstPass</module-option>

<module-option name="serverSecurityDomain">host</module-option>

</login-module>

<login-module code="org.jboss.security.negotiation.AdvancedLdapLoginModule" flag="required">

<module-option name="password-stacking">useFirstPass</module-option>

<module-option name="bindAuthentication">GSSAPI</module-option>

<module-option name="jaasSecurityDomain">host</module-option>

<module-option name="java.naming.provider.url">ldap://test24.test2008.com:389</module-option>

<module-option name="baseCtxDN">CN=Users,DC=TEST2008,DC=COM</module-option>

<module-option name="baseFilter">(userPrincipalName={0})</module-option>

<module-option name="roleAttributeID">memberOf</module-option>

<module-option name="roleAttributeIsDN">true</module-option>

<module-option name="roleNameAttributeID">cn</module-option>

<module-option name="recurseRoles">true</module-option>

<module-option name="debug">true</module-option>

<module-option name="javax.security.sasl.server.authentication">true</module-option>

</login-module>

</authentication>

</application-policy>

and

while running the run.bat - i have set the following

-Djava.security.krb5.realm=test2008.com -Djava.security.krb5.kdc=test24.test2008.com

The error that i have got is

LoginModule Class: org.jboss.security.negotiation.spnego.SPNEGOLoginModule

ControlFlag: LoginModuleControlFlag: requisite

Options:name=serverSecurityDomain, value=host

name=password-stacking, value=useFirstPass

[1]

LoginModule Class: org.jboss.security.negotiation.AdvancedLdapLoginModule

ControlFlag: LoginModuleControlFlag: required

Options:name=javax.security.sasl.server.authentication, value=true

name=bindAuthentication, value=GSSAPI

name=baseFilter, value=(userPrincipalName={0})

name=jaasSecurityDomain, value=host

name=java.naming.provider.url, value=ldap://test24.test2008.com:389

name=recurseRoles, value=true

name=roleNameAttributeID, value=cn

name=debug, value=true

name=roleAttributeIsDN, value=true

name=baseCtxDN, value=CN=Users,DC=TEST2008,DC=COM

name=roleAttributeID, value=memberOf

name=password-stacking, value=useFirstPass

2010-05-13 17:47:59,742 TRACE [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] initialize, instance=@1103780712

2010-05-13 17:47:59,742 TRACE [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] Security domain: SPNEGO

2010-05-13 17:47:59,742 DEBUG [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] serverSecurityDomain=host

2010-05-13 17:47:59,742 TRACE [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] login

2010-05-13 17:47:59,742 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(host), size=10

2010-05-13 17:47:59,743 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(host), authInfo=AppConfigurationEntry[]:

[0]

LoginModule Class: com.sun.security.auth.module.Krb5LoginModule

ControlFlag: LoginModuleControlFlag: required

Options:name=isInitiator, value=false

name=principal, value=HTTP/test14.test2008.com@test2008.com

name=useKeyTab, value=true

name=storeKey, value=true

name=keyTab, value=C:\prakash\jbossservice.keytab

name=debug, value=true

name=doNotPrompt, value=true

2010-05-13 17:47:59,743 INFO [STDOUT] Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt true ticketCache is null isInitiator false KeyTab is C:\prakash\jbossservice.keytab refreshKrb5Config is false principal is HTTP/test14.test2008.com@test2008.com tryFirstPass is false useFirstPass is false storePass is false clearPass is false

2010-05-13 17:47:59,744 INFO [STDOUT] principal's key obtained from the keytab

2010-05-13 17:47:59,744 INFO [STDOUT] principal is HTTP/test14.test2008.com@test2008.com

2010-05-13 17:47:59,745 INFO [STDOUT] EncryptionKey: keyType=17 keyBytes (hex dump)=0000: 50 B0 F9 57 BA 68 52 7F A6 14 DD B4 48 B1 14 90 P..W.hR.....H...

2010-05-13 17:47:59,745 INFO [STDOUT] EncryptionKey: keyType=16 keyBytes (hex dump)=0000: 5D 40 F7 13 9B 2C B3 CE 57 DF 2F E5 F7 FE 37 E9 ]@...,..W./...7.

0010: D3 32 9B 83 1C 13 E6 80

2010-05-13 17:47:59,746 INFO [STDOUT] EncryptionKey: keyType=23 keyBytes (hex dump)=0000: B6 EB 7B DC 22 7A 3B 36 4A A6 84 C0 7E 58 48 D8 ...."z;6J....XH.

2010-05-13 17:47:59,746 INFO [STDOUT] EncryptionKey: keyType=1 keyBytes (hex dump)=0000: BA 9D 6B 0D AB 58 26 FE

2010-05-13 17:47:59,747 INFO [STDOUT] EncryptionKey: keyType=3 keyBytes (hex dump)=0000: BA 9D 6B 0D AB 58 26 FE

2010-05-13 17:47:59,748 INFO [STDOUT] Added server's keyKerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=17 keyBytes (hex dump)=

0000: 50 B0 F9 57 BA 68 52 7F A6 14 DD B4 48 B1 14 90 P..W.hR.....H...

2010-05-13 17:47:59,748 INFO [STDOUT] [Krb5LoginModule] added Krb5Principal HTTP/test14.test2008.com@test2008.com to Subject

2010-05-13 17:47:59,749 INFO [STDOUT] Added server's keyKerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=16 keyBytes (hex dump)=

0000: 5D 40 F7 13 9B 2C B3 CE 57 DF 2F E5 F7 FE 37 E9 ]@...,..W./...7.

0010: D3 32 9B 83 1C 13 E6 80

2010-05-13 17:47:59,750 INFO [STDOUT] [Krb5LoginModule] added Krb5Principal HTTP/test14.test2008.com@test2008.com to Subject

2010-05-13 17:47:59,751 INFO [STDOUT] Added server's keyKerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=23 keyBytes (hex dump)=

0000: B6 EB 7B DC 22 7A 3B 36 4A A6 84 C0 7E 58 48 D8 ...."z;6J....XH.

2010-05-13 17:47:59,751 INFO [STDOUT] [Krb5LoginModule] added Krb5Principal HTTP/test14.test2008.com@test2008.com to Subject

2010-05-13 17:47:59,751 INFO [STDOUT] Added server's keyKerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=1 keyBytes (hex dump)=

0000: BA 9D 6B 0D AB 58 26 FE

2010-05-13 17:47:59,751 INFO [STDOUT] [Krb5LoginModule] added Krb5Principal HTTP/test14.test2008.com@test2008.com to Subject

2010-05-13 17:47:59,752 INFO [STDOUT] Added server's keyKerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=3 keyBytes (hex dump)=

0000: BA 9D 6B 0D AB 58 26 FE

2010-05-13 17:47:59,752 INFO [STDOUT] [Krb5LoginModule] added Krb5Principal HTTP/test14.test2008.com@test2008.com to Subject

2010-05-13 17:47:59,752 INFO [STDOUT] Commit Succeeded

2010-05-13 17:47:59,754 DEBUG [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] Subject = Subject:

Principal: HTTP/test14.test2008.com@test2008.com

Private Credential: Kerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=17 keyBytes (hex dump)=

0000: 50 B0 F9 57 BA 68 52 7F A6 14 DD B4 48 B1 14 90 P..W.hR.....H...

Private Credential: Kerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=16 keyBytes (hex dump)=

0000: 5D 40 F7 13 9B 2C B3 CE 57 DF 2F E5 F7 FE 37 E9 ]@...,..W./...7.

0010: D3 32 9B 83 1C 13 E6 80

Private Credential: Kerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=23 keyBytes (hex dump)=

0000: B6 EB 7B DC 22 7A 3B 36 4A A6 84 C0 7E 58 48 D8 ...."z;6J....XH.

Private Credential: Kerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=1 keyBytes (hex dump)=

0000: BA 9D 6B 0D AB 58 26 FE

Private Credential: Kerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=3 keyBytes (hex dump)=

0000: BA 9D 6B 0D AB 58 26 FE

2010-05-13 17:47:59,754 DEBUG [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] Logged in 'host' LoginContext

2010-05-13 17:47:59,754 DEBUG [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] Creating new GSSContext.

2010-05-13 17:48:00,248 DEBUG [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] context.getCredDelegState() = true

2010-05-13 17:48:00,249 DEBUG [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] context.getMutualAuthState() = true

2010-05-13 17:48:00,249 DEBUG [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] context.getSrcName() = testuser@TEST2008.COM

2010-05-13 17:48:00,249 TRACE [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] Result - true

2010-05-13 17:48:00,249 DEBUG [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] Storing username 'testuser@TEST2008.COM' and empty password

2010-05-13 17:48:00,249 INFO [STDOUT] [Krb5LoginModule]: Entering logout

2010-05-13 17:48:00,249 INFO [STDOUT] [Krb5LoginModule]: logged out Subject

2010-05-13 17:48:00,249 TRACE [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] super.loginOk true

2010-05-13 17:48:00,250 TRACE [org.jboss.security.negotiation.AdvancedLdapLoginModule] initialize, instance=@1457398981

2010-05-13 17:48:00,250 TRACE [org.jboss.security.negotiation.AdvancedLdapLoginModule] Security domain: SPNEGO

2010-05-13 17:48:00,251 TRACE [org.jboss.security.negotiation.AdvancedLdapLoginModule] Using GSSAPI to connect to LDAP

2010-05-13 17:48:00,251 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(host), size=10

2010-05-13 17:48:00,251 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(host), authInfo=AppConfigurationEntry[]:

[0]

LoginModule Class: com.sun.security.auth.module.Krb5LoginModule

ControlFlag: LoginModuleControlFlag: required

Options:name=isInitiator, value=false

name=principal, value=HTTP/test14.test2008.com@test2008.com

name=useKeyTab, value=true

name=storeKey, value=true

name=keyTab, value=C:\prakash\jbossservice.keytab

name=debug, value=true

name=doNotPrompt, value=true

2010-05-13 17:48:00,252 INFO [STDOUT] Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt true ticketCache is null isInitiator false KeyTab is C:\prakash\jbossservice.keytab refreshKrb5Config is false principal is HTTP/test14.test2008.com@test2008.com tryFirstPass is false useFirstPass is false storePass is false clearPass is false

2010-05-13 17:48:00,252 INFO [STDOUT] principal's key obtained from the keytab

2010-05-13 17:48:00,252 INFO [STDOUT] principal is HTTP/test14.test2008.com@test2008.com

2010-05-13 17:48:00,253 INFO [STDOUT] EncryptionKey: keyType=17 keyBytes (hex dump)=0000: 50 B0 F9 57 BA 68 52 7F A6 14 DD B4 48 B1 14 90 P..W.hR.....H...

2010-05-13 17:48:00,254 INFO [STDOUT] EncryptionKey: keyType=16 keyBytes (hex dump)=0000: 5D 40 F7 13 9B 2C B3 CE 57 DF 2F E5 F7 FE 37 E9 ]@...,..W./...7.

0010: D3 32 9B 83 1C 13 E6 80

2010-05-13 17:48:00,254 INFO [STDOUT] EncryptionKey: keyType=23 keyBytes (hex dump)=0000: B6 EB 7B DC 22 7A 3B 36 4A A6 84 C0 7E 58 48 D8 ...."z;6J....XH.

2010-05-13 17:48:00,255 INFO [STDOUT] EncryptionKey: keyType=1 keyBytes (hex dump)=0000: BA 9D 6B 0D AB 58 26 FE

2010-05-13 17:48:00,255 INFO [STDOUT] EncryptionKey: keyType=3 keyBytes (hex dump)=0000: BA 9D 6B 0D AB 58 26 FE

2010-05-13 17:48:00,256 INFO [STDOUT] Added server's keyKerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=17 keyBytes (hex dump)=

0000: 50 B0 F9 57 BA 68 52 7F A6 14 DD B4 48 B1 14 90 P..W.hR.....H...

2010-05-13 17:48:00,256 INFO [STDOUT] [Krb5LoginModule] added Krb5Principal HTTP/test14.test2008.com@test2008.com to Subject

2010-05-13 17:48:00,257 INFO [STDOUT] Added server's keyKerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=16 keyBytes (hex dump)=

0000: 5D 40 F7 13 9B 2C B3 CE 57 DF 2F E5 F7 FE 37 E9 ]@...,..W./...7.

0010: D3 32 9B 83 1C 13 E6 80

2010-05-13 17:48:00,257 INFO [STDOUT] [Krb5LoginModule] added Krb5Principal HTTP/test14.test2008.com@test2008.com to Subject

2010-05-13 17:48:00,258 INFO [STDOUT] Added server's keyKerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=23 keyBytes (hex dump)=

0000: B6 EB 7B DC 22 7A 3B 36 4A A6 84 C0 7E 58 48 D8 ...."z;6J....XH.

2010-05-13 17:48:00,258 INFO [STDOUT] [Krb5LoginModule] added Krb5Principal HTTP/test14.test2008.com@test2008.com to Subject

2010-05-13 17:48:00,258 INFO [STDOUT] Added server's keyKerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=1 keyBytes (hex dump)=

0000: BA 9D 6B 0D AB 58 26 FE

2010-05-13 17:48:00,259 INFO [STDOUT] [Krb5LoginModule] added Krb5Principal HTTP/test14.test2008.com@test2008.com to Subject

2010-05-13 17:48:00,259 INFO [STDOUT] Added server's keyKerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=3 keyBytes (hex dump)=

0000: BA 9D 6B 0D AB 58 26 FE

2010-05-13 17:48:00,259 INFO [STDOUT] [Krb5LoginModule] added Krb5Principal HTTP/test14.test2008.com@test2008.com to Subject

2010-05-13 17:48:00,259 INFO [STDOUT] Commit Succeeded

2010-05-13 17:48:00,261 DEBUG [org.jboss.security.negotiation.AdvancedLdapLoginModule] Subject = Subject:

Principal: HTTP/test14.test2008.com@test2008.com

Private Credential: Kerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=17 keyBytes (hex dump)=

0000: 50 B0 F9 57 BA 68 52 7F A6 14 DD B4 48 B1 14 90 P..W.hR.....H...

Private Credential: Kerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=16 keyBytes (hex dump)=

0000: 5D 40 F7 13 9B 2C B3 CE 57 DF 2F E5 F7 FE 37 E9 ]@...,..W./...7.

0010: D3 32 9B 83 1C 13 E6 80

Private Credential: Kerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=23 keyBytes (hex dump)=

0000: B6 EB 7B DC 22 7A 3B 36 4A A6 84 C0 7E 58 48 D8 ...."z;6J....XH.

Private Credential: Kerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=1 keyBytes (hex dump)=

0000: BA 9D 6B 0D AB 58 26 FE

Private Credential: Kerberos Principal HTTP/test14.test2008.com@test2008.comKey Version 1key EncryptionKey: keyType=3 keyBytes (hex dump)=

0000: BA 9D 6B 0D AB 58 26 FE

2010-05-13 17:48:00,261 DEBUG [org.jboss.security.negotiation.AdvancedLdapLoginModule] Logged in 'javax.security.auth.login.LoginContext@33906773' LoginContext

2010-05-13 17:48:00,262 TRACE [org.jboss.security.negotiation.AdvancedLdapLoginModule] login

2010-05-13 17:48:00,262 TRACE [org.jboss.security.negotiation.AdvancedLdapLoginModule] Identity - testuser@TEST2008.COM

2010-05-13 17:48:00,262 TRACE [org.jboss.security.negotiation.AdvancedLdapLoginModule] Logging into LDAP server, env={java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, debug=true, roleNameAttributeID=cn, javax.security.sasl.server.authentication=true, password-stacking=useFirstPass, baseCtxDN=CN=Users,DC=TEST2008,DC=COM, roleAttributeID=memberOf, baseFilter=(userPrincipalName={0}), jboss.security.security_domain=SPNEGO, bindAuthentication=GSSAPI, java.naming.provider.url=ldap://test24.test2008.com:389, roleAttributeIsDN=true, jaasSecurityDomain=host, java.naming.security.authentication=GSSAPI, recurseRoles=true}

2010-05-13 17:48:00,347 INFO [STDOUT] [Krb5LoginModule]: Entering logout

2010-05-13 17:48:00,348 INFO [STDOUT] [Krb5LoginModule]: logged out Subject

2010-05-13 17:48:00,349 TRACE [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] abort

2010-05-13 17:48:00,349 TRACE [org.jboss.security.negotiation.AdvancedLdapLoginModule] abort

2010-05-13 17:48:00,349 TRACE [org.jboss.security.plugins.JaasSecurityManager.SPNEGO] Login failure

javax.security.auth.login.LoginException: Unable to create new InitialLdapContext

at org.jboss.security.negotiation.AdvancedLdapLoginModule.constructLdapContext(AdvancedLdapLoginModule.java:485)

at org.jboss.security.negotiation.AdvancedLdapLoginModule.innerLogin(AdvancedLdapLoginModule.java:339)

at org.jboss.security.negotiation.AdvancedLdapLoginModule$AuthorizeAction.run(AdvancedLdapLoginModule.java:734)

at java.security.AccessController.doPrivileged(Native Method)

at javax.security.auth.Subject.doAs(Unknown Source)

at org.jboss.security.negotiation.AdvancedLdapLoginModule.login(AdvancedLdapLoginModule.java:279)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

at java.lang.reflect.Method.invoke(Unknown Source)

at javax.security.auth.login.LoginContext.invoke(Unknown Source)

at javax.security.auth.login.LoginContext.access$000(Unknown Source)

at javax.security.auth.login.LoginContext$4.run(Unknown Source)

at java.security.AccessController.doPrivileged(Native Method)

at javax.security.auth.login.LoginContext.invokePriv(Unknown Source)

at javax.security.auth.login.LoginContext.login(Unknown Source)

at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:603)

at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:537)

at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)

at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:491)

at org.jboss.security.negotiation.NegotiationAuthenticator.authenticate(NegotiationAuthenticator.java:127)

at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)

at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)

at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)

at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)

at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)

at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)

at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)

at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)

at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)

at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)

at java.lang.Thread.run(Unknown Source)

Caused by: javax.naming.AuthenticationException: GSSAPI [Root exception is javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)]]

at com.sun.jndi.ldap.sasl.LdapSasl.saslBind(Unknown Source)

at com.sun.jndi.ldap.LdapClient.authenticate(Unknown Source)

at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)

at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)

at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)

at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source)

at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)

at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)

at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)

at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)

at javax.naming.InitialContext.init(Unknown Source)

at javax.naming.ldap.InitialLdapContext.<init>(Unknown Source)

at org.jboss.security.negotiation.AdvancedLdapLoginModule.constructLdapContext(AdvancedLdapLoginModule.java:481)

... 31 more

Caused by: javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)]

at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(Unknown Source)

... 44 more

Caused by: GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)

at sun.security.jgss.krb5.Krb5InitCredential.getInstance(Unknown Source)

at sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Unknown Source)

at sun.security.jgss.krb5.Krb5MechFactory.getMechanismContext(Unknown Source)

at sun.security.jgss.GSSManagerImpl.getMechanismContext(Unknown Source)

at sun.security.jgss.GSSContextImpl.initSecContext(Unknown Source)

... 45 more

2010-05-13 17:48:00,351 TRACE [org.jboss.security.plugins.JaasSecurityManager.SPNEGO] End isValid, false

2010-05-13 17:48:00,351 TRACE [org.jboss.security.negotiation.common.MessageTrace.Response.Base64] oW0wa6JpBGdgZQYJKoZIhvcSAQICAgBvVjBUoAMCAQWhAwIBD6JIMEagAwIBF6I/BD0DyTcLwn/f

GAeVvBl39VFPkHp87cpDXobl+YfcKElYBicx25mzeRVORivT0Ac7+tapOxRDjZ6b08LR9Tmj

Please help me in finding solution for this

Thanks

Selvakumar.S