https://issues.apache.org/bugzilla/show_bug.cgi?id=49389
Summary: Kerberos ticket header not passing properly
Product: Tomcat Connectors
Version: 1.2.30
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: normal
Priority: P2
Component: mod_jk
AssignedTo: dev@tomcat.apache.org
ReportedBy: bkrish...@medrad.com
Hello
We are having Desktop SSO for an application hosted on tomcat. The Desktop SSO
uses kerberos authentication. We are using spnego.sourceforge.net solution for
enabling SSO on tomcat end. Now, desktop SSO works charm.
Now we would like to front tomcat with APache and use mod_jk for connecting. We
have Apache 2.2.15, mod_jk 1.2.30 on Tomcat 6.0.24. As such apache & mod_jk is
working fine with tomcat when SSO is turned off on tomcat i.e apache and mod_jk
have been configured properly.
When i turn on SSO on tomcat, i get error when going through Apache but when i
hit tomcat directly i don't get any error.
Here is the error i'm getting
GSSException: Failure unspecified at GSS-API level (Mechanism level: Checksum
failed)
sun.security.jgss.krb5.Krb5Context.acceptSecContext(Unknown Source)
sun.security.jgss.GSSContextImpl.acceptSecContext(Unknown Source)
sun.security.jgss.GSSContextImpl.acceptSecContext(Unknown Source)
sun.security.jgss.spnego.SpNegoContext.GSS_acceptSecContext(Unknown Source)
sun.security.jgss.spnego.SpNegoContext.acceptSecContext(Unknown Source)
sun.security.jgss.GSSContextImpl.acceptSecContext(Unknown Source)
sun.security.jgss.GSSContextImpl.acceptSecContext(Unknown Source)
Does it mean that i need to tweak some configuration on apache and mod_jk to
work with tomcat when sso is enabled?
Please help
Regards
KB
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
