Kerberos spring javax.security.auth.login.LoginException: Unable to obtain password from user

java spring spring-security kerberos spring-security-kerberos
codelearner picture codelearner · Apr 24, 2015 · Viewed 40.2k times · Source

I am implementing kerberos Authentication in my existing java spring application.My unix team has provided me SPN, krb5.conf and keytab file. I am trying hard with below code and configuration but getting unable to obtain password from user exception as in attached logs below.

Can anybody correct me If I am doing something wrong or what could be going wrong? Let me know if you need more information on this. It would be good if someone can tell, how to verify if kerberos configuration is correct or not?
Here is what I have tried. I am using:

  • JDK 1.6
  • spring-security-kerberos-core-1.0.0.M2.jar
  • spring-security-core-3.0.1.RELEASE.jar
  • spring-security-config-3.0.1.RELEASE.jar
  • spring-security-web-3.0.1.RELEASE.jar

My security-config.xml is:

<?xml version="1.0" encoding="UTF-8"?>
    <beans:beans xmlns="http://www.springframework.org/schema/security"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xmlns:util="http://www.springframework.org/schema/util"
           xmlns:beans="http://www.springframework.org/schema/beans"
           xsi:schemaLocation="http://www.springframework.org/schema/beans
           http://www.springframework.org/schema/beans/spring-beans.xsd
           http://www.springframework.org/schema/util
           http://www.springframework.org/schema/util/spring-util-3.0.xsd
           http://www.springframework.org/schema/security
           http://www.springframework.org/schema/security/spring-security-3.0.xsd">

<beans:bean class="com.ci.util.TrimmingPropertyPlaceholderConfigurer">
        <beans:property name="searchSystemEnvironment" value="true" />
        <beans:property name="locations">
            <beans:list>
                <beans:value>file:${install.home}/config/application.properties
                </beans:value>
                <beans:value>file:${install.home}/config/environment.properties
                </beans:value>
            </beans:list>
        </beans:property>
    </beans:bean>

    <http entry-point-ref="spnegoEntryPoint" auto-config="false">
        <intercept-url pattern="/selectBlacklisting*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
        <intercept-url pattern="/j_spring_security_check*" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
     <intercept-url pattern="/**" access="IS_AUTHENTICATED_FULLY" />

     <custom-filter ref="spnegoAuthenticationProcessingFilter" position="BASIC_AUTH_FILTER" />
        <form-login login-page="/selectBlacklisting.form" default-target-url="/" always-use-default-target="true"/>
   </http>

   <authentication-manager alias="authenticationManager">
      <authentication-provider ref="kerberosServiceAuthenticationProvider" />
      <authentication-provider ref="kerberosAuthenticationProvider"/>
   </authentication-manager>

    <beans:bean id="spnegoEntryPoint"
  class="org.springframework.security.extensions.kerberos.web.SpnegoEntryPoint" />

 <beans:bean id="spnegoAuthenticationProcessingFilter"
  class="org.springframework.security.extensions.kerberos.web.SpnegoAuthenticationProcessingFilter">
  <beans:property name="authenticationManager" ref="authenticationManager" />
 </beans:bean>

    <beans:bean id="kerberosServiceAuthenticationProvider"
  class="org.springframework.security.extensions.kerberos.KerberosServiceAuthenticationProvider">
  <beans:property name="ticketValidator">
   <beans:bean
    class="org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator">
    <beans:property name="servicePrincipal" value="${servicePrincipal.url}"/>
    <beans:property name="keyTabLocation" value="${keyTabLocation.url}" />
    <beans:property name="debug" value="true"/>
   </beans:bean>
  </beans:property>
  <beans:property name="userDetailsService" ref="dummyUserDetailsService" />
 </beans:bean>

    <beans:bean id="kerberosAuthenticationProvider" class="org.springframework.security.extensions.kerberos.KerberosAuthenticationProvider">
  <beans:property name="kerberosClient">
   <beans:bean class="org.springframework.security.extensions.kerberos.SunJaasKerberosClient">
    <beans:property name="debug" value="true" />
   </beans:bean>
  </beans:property>
  <beans:property name="userDetailsService" ref="dummyUserDetailsService" />
 </beans:bean>

    <beans:bean class="org.springframework.security.extensions.kerberos.GlobalSunJaasKerberosConfig">
  <beans:property name="debug" value="true" />
  <beans:property name="krbConfLocation" value="${krbConfLocation.url}" />
 </beans:bean>

    <beans:bean id="dummyUserDetailsService" class="com.ci.manager.interceptor.DummyUserDetailService"/>

  </beans:beans>

Properties values used in above security-config.xml:

servicePrincipal.url=HTTP/[email protected]  
  keyTabLocation.url=file:/MY_APP_ITE3/appmanager/50.T0.17/config/xyzcard-sit1.keytab
  krbConfLocation.url=/etc/krb5/krb5.conf

My DummyUserDetailService:

public class DummyUserDetailService implements UserDetailsService {
    private static final Logger LOGGER = Logger.getLogger(DummyUserDetailService.class);
    public DummyUserDetailService(){
        LOGGER.info("DummyUserDetailService constructor called>>>>>>>>>");
    }


public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
    LOGGER.info("loadUserByUsername method called>>>>>>>>>"+username);
    LOGGER.info("loadUserByUsername method called>AuthorityUtils.createAuthorityList>>>>>>>>"+AuthorityUtils.createAuthorityList("ROLE_USER"));
    return new User(username, "notUsed",true, true, true, true, AuthorityUtils.createAuthorityList("ROLE_USER"));
}

}

My web.xml is:

    <web-app xmlns="http://java.sun.com/xml/ns/j2ee"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
        version="2.4">

        <display-name>Customer Intelligence Management Tool</display-name>
        <distributable/>
        <filter>
            <filter-name>springSecurityFilterChain</filter-name>
            <filter-class>
                org.springframework.web.filter.DelegatingFilterProxy
            </filter-class>    
        </filter>

        <filter-mapping>
              <filter-name>springSecurityFilterChain</filter-name>
              <url-pattern>/*</url-pattern>
        </filter-mapping>
         <context-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>/WEB-INF/security-config.xml</param-value>
        </context-param>     
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
        </listener> 

        <servlet>
            <servlet-name>app-manager</servlet-name>
            <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
            <init-param>
                <param-name>contextConfigLocation</param-name>
                <param-value>
                    /WEB-INF/applicationContext.xml,
                    /WEB-INF/app-manager-servlet.xml
                </param-value>
            </init-param>
            <load-on-startup>1</load-on-startup>
        </servlet>

        <servlet-mapping>
            <servlet-name>app-manager</servlet-name>
            <url-pattern>*.form</url-pattern>
        </servlet-mapping>

        <session-config>
            <session-timeout>15</session-timeout>
        </session-config>

        <welcome-file-list>
            <welcome-file>/WEB-INF/jsp/index.jsp</welcome-file>
        </welcome-file-list>

        <error-page>
            <error-code>500</error-code>
            <location>/WEB-INF/jsp/Error.jsp</location>
        </error-page>

        <error-page>
            <error-code>404</error-code>
            <location>/WEB-INF/jsp/FileNotFound.jsp</location>
        </error-page>
    </web-app>

Application Logs showing exception:

  015-04-20 13:07:42 ERROR  org.springframework.web.context.ContextLoader[ContextLoader.java:219(initWebApplicationContext)] - Context initialization failed
        org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authentication.ProviderManager#0': Cannot create inner bean '(inner bean)' of type [org.springframework.security.config.authentication.AuthenticationManagerFactoryBean] while setting bean property 'parent'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)': FactoryBean threw exception on object creation; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Cannot resolve reference to bean 'kerberosServiceAuthenticationProvider' while setting bean property 'providers' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'kerberosServiceAuthenticationProvider' defined in ServletContext resource [/WEB-INF/security-config.xml]: Cannot create inner bean 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' of type [org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator] while setting bean property 'ticketValidator'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user

            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:281)
            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:125)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1308)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1067)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:511)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:450)
            at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:290)
            at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
            at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:287)
            at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:189)
            at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:562)
            at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:871)
            at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:423)
            at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:272)
            at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:196)
            at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
            at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3764)
            at org.apache.catalina.core.StandardContext.start(StandardContext.java:4216)
            at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760)
            at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740)
            at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544)
            at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:825)
            at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:714)
            at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:490)
            at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138)
            at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
            at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120)
            at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022)
            at org.apache.catalina.core.StandardHost.start(StandardHost.java:736)
            at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014)
            at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
            at org.apache.catalina.core.StandardService.start(StandardService.java:448)
            at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
            at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
            at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
            at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
            at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
            at java.lang.reflect.Method.invoke(Method.java:597)
            at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
            at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
        Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)': FactoryBean threw exception on object creation; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Cannot resolve reference to bean 'kerberosServiceAuthenticationProvider' while setting bean property 'providers' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'kerberosServiceAuthenticationProvider' defined in ServletContext resource [/WEB-INF/security-config.xml]: Cannot create inner bean 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' of type [org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator] while setting bean property 'ticketValidator'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user

            at org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:150)
            at org.springframework.beans.factory.support.FactoryBeanRegistrySupport.getObjectFromFactoryBean(FactoryBeanRegistrySupport.java:109)
            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:274)
            ... 39 more
        Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Cannot resolve reference to bean 'kerberosServiceAuthenticationProvider' while setting bean property 'providers' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'kerberosServiceAuthenticationProvider' defined in ServletContext resource [/WEB-INF/security-config.xml]: Cannot create inner bean 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' of type [org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator] while setting bean property 'ticketValidator'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user

            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:328)
            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:355)
            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:153)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1308)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1067)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:511)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:450)
            at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:290)
            at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
            at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:287)
            at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:189)
            at org.springframework.security.config.authentication.AuthenticationManagerFactoryBean.getObject(AuthenticationManagerFactoryBean.java:27)
            at org.springframework.security.config.authentication.AuthenticationManagerFactoryBean.getObject(AuthenticationManagerFactoryBean.java:20)
            at org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:143)
            ... 41 more
        Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'kerberosServiceAuthenticationProvider' defined in ServletContext resource [/WEB-INF/security-config.xml]: Cannot create inner bean 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' of type [org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator] while setting bean property 'ticketValidator'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user

            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:281)
            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:120)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1308)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1067)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:511)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:450)
            at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:290)
            at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
            at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:287)
            at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:189)
            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)
            ... 55 more
        Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user

            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1403)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:513)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:450)
            at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:270)
            ... 65 more
        Caused by: javax.security.auth.login.LoginException: Unable to obtain password from user

            at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:789)
            at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:654)
            at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:542)
            at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
            at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
            at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
            at java.lang.reflect.Method.invoke(Method.java:597)
            at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
            at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
            at javax.security.auth.login.LoginContext$5.run(LoginContext.java:706)
            at java.security.AccessController.doPrivileged(Native Method)
            at javax.security.auth.login.LoginContext.invokeCreatorPriv(LoginContext.java:703)
            at javax.security.auth.login.LoginContext.login(LoginContext.java:575)
            at org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator.afterPropertiesSet(SunJaasKerberosTicketValidator.java:125)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1460)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1400)
            ... 68 more

Server Logs: 

Apr 22, 2015 8:29:38 AM org.apache.catalina.loader.WebappClassLoader validateJarFile
        INFO: validateJarFile(/MY_APP_ITE3/appmanager/50.T0.17/catalina_base/work/Catalina/localhost/app-manager/WEB-INF/lib/j2ee-1.4.jar) - jar not loaded. See Servlet Spec 2.3, section 9.7.2. Offending class: javax/servlet/Servlet.class
        Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt true ticketCache is null isInitiator false KeyTab is file:/MY_APP_ITE3/appmanager/50.T0.17/catalina_base/conf/xyzcard-sit1.keytab refreshKrb5Config is false principal is HTTP/[email protected] tryFirstPass is false useFirstPass is false storePass is false clearPass is false
        >>> KeyTabInputStream, readName(): SYSTEMS.PRIVATE
        >>> KeyTabInputStream, readName(): HTTP
        >>> KeyTabInputStream, readName(): srv-xyzcard-sit1.systems.private
        >>> KeyTab: load() entry length: 88; type: 23
        Key for the principal HTTP/[email protected] not available in file:/MY_APP_ITE3/appmanager/50.T0.17/catalina_base/conf/xyzcard-sit1.keytab
          [Krb5LoginModule] authentication failed 
        Unable to obtain password from user

        Apr 22, 2015 8:29:52 AM org.apache.catalina.core.StandardContext start

Answer

Charith De Silva picture Charith De Silva · May 12, 2015

This may be due to property values not been resolved on the security-config. Can you hard code following and try again? 

   <beans:property name="servicePrincipal" value="HTTP/[email protected]"/>
<beans:property name="keyTabLocation" value="file:YOUR KEY TAB LOCATION >>/mykey.keytabl" />

Your error has thrown from javax.security.auth.login.LoginContext's init method so it should be something about keytab file or service principle is not set properly.

Related questions

Spring Security Kerberos + AD, Checksum Fail

I'm trying to do a Spring Security Kerberos with Active Directory credentials as stated in http://docs.spring.io/spring-security-kerberos/docs/1.0.1.RELEASE/reference/htmlsingle/#samples-sec-server-win-auth. I'd like to say that I've got most of the things down (SPN, keytabs, etc.). …

Read More
How to fix Hibernate LazyInitializationException: failed to lazily initialize a collection of roles, could not initialize proxy - no Session

In the custom AuthenticationProvider from my spring project, I am trying read the list of authorities of the logged user, but I am facing the following error: org.hibernate.LazyInitializationException: failed to lazily initialize a collection of role: com.horariolivre.…

Read More
When using Spring Security, what is the proper way to obtain current username (i.e. SecurityContext) information in a bean?

I have a Spring MVC web app which uses Spring Security. I want to know the username of the currently logged in user. I'm using the code snippet given below . Is this the accepted way? I don't like having a …

Read More