1 Reply Latest reply on Jun 20, 2016 2:22 PM by Martin Choma

    SPNEGO and EAP 6.4

    Tim McGinnis Newbie

      I am trying to set up SPNEGO on EAP 6.4 and am seeing something in my logs that I think is weird.  Why is my principal look like it is encrypted?


      08:56:33,167 TRACE [org.jboss.security.negotiation.common.NegotiationContext] (http-/ associate 279712080

      08:56:33,167 TRACE [org.jboss.security] (http-/ PBOX000200: Begin isValid, principal: oGCoynHrjt8dBm6bqqADHQlD_1466427379620, cache entry: null

      08:56:33,167 TRACE [org.jboss.security] (http-/ PBOX000209: defaultLogin, principal: oGCoynHrjt8dBm6bqqADHQlD_1466427379620

      08:56:33,167 TRACE [org.jboss.security] (http-/ PBOX000221: Begin getAppConfigurationEntry(SPNEGO), size: 9

      08:56:33,167 TRACE [org.jboss.security] (http-/ PBOX000224: End getAppConfigurationEntry(SPNEGO), AuthInfo: AppConfigurationEntry[]:


      LoginModule Class: org.jboss.security.negotiation.spnego.SPNEGOLoginModule

      ControlFlag: LoginModuleControlFlag: requisite


      name=serverSecurityDomain, value=host

      name=password-stacking, value=useFirstPass

        • 1. Re: SPNEGO and EAP 6.4
          Martin Choma Master

          From debugging NegotiationAuthenticator it seems username here is just some unique stuff


          username = session.getId() + "_" + String.valueOf(System.currentTimeMillis());


          If you want to see used username in log you can set system property -Dsun.security.krb5.debug=true