This discussion is archived
3 Replies Latest reply: Aug 21, 2012 1:06 PM by Faisal Khan RSS

Error while integrating with Kerberos and AD

956112 Newbie
Currently Being Moderated
Hi,

Implementing Kerberos as the Desktop Single Signon Solution

Environment : Peoplesoft
OS : Redhat Linux
webserver: Weblogic 10.3.4
appserver : tuxedo 10gr3

While doing this implementation I was able to complete it successfully with the JDK linux has provided(1.6.0_22). However the weblogic comes preconfigured with jrockit jdk version1.6.0_24-R28.1.3-4.0.1. When I start the weblogic with jrockit jdk as java_home I am getting the following error.


<Error> <HTTP> <BEA-101165> <Could not load user defined filter in web.xml: com.peoplesoft.pt.desktopsso.kerberos.KerberosSSOFilter.
java.lang.IllegalArgumentException: No Configuration was registered that can handle the configuration named krbServer
at com.bea.common.security.jdkutils.JAASConfiguration.getAppConfigurationEntry(JAASConfiguration.java:130)
at javax.security.auth.login.LoginContext.init(LoginContext.java:243)
at javax.security.auth.login.LoginContext.<init>(LoginContext.java:334)
at com.peoplesoft.pt.desktopsso.kerberos.KerberosSSOFilter.init(KerberosSSOFilter.java:142)
at weblogic.servlet.internal.FilterManager$FilterInitAction.run(FilterManager.java:332)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.FilterManager.loadFilter(FilterManager.java:98)
at weblogic.servlet.internal.FilterManager.preloadFilters(FilterManager.java:59)
at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1878)
at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:3154)
at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1508)
at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:485)
at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:427)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:201)
at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:249)
at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:427)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:28)
at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:637)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:205)
at weblogic.application.internal.EarDeployment.activate(EarDeployment.java:58)
at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:161)
at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79)
at weblogic.deploy.internal.targetserver.BasicDeployment.activate(BasicDeployment.java:184)
at weblogic.deploy.internal.targetserver.BasicDeployment.activateFromServerLifecycle(BasicDeployment.java:361)
at weblogic.management.deploy.internal.DeploymentAdapter$1.doActivate(DeploymentAdapter.java:52)
at weblogic.management.deploy.internal.DeploymentAdapter.activate(DeploymentAdapter.java:200)
at weblogic.management.deploy.internal.AppTransition$2.transitionApp(AppTransition.java:31)
at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
at weblogic.management.deploy.internal.ConfiguredDeployments.activate(ConfiguredDeployments.java:170)
at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:124)
at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:181)
at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:97)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:176)

these are my runtime parameters

java -jrockit -XnoOpt -XXnoJITInline -Xms512m -Xmx512m -Dtoplink.xml.platform=oracle.toplink.platform.xml.jaxp.JAXPPlatform -Dcom.sun.xml.namespace.QName.useCompatibleSerialVersionUID=1.0 -Djava.security.krb5.conf=/etc/krb5.conf -Djava.security.auth.login.config=krbLogin.conf -Dsun.security.krb5.debug=true -Djavax.security.auth.useSubjectCredsOnly=false -Dweblogic.Chunksize=65536 -Djava.util.logging.config.file=/u01/app/psoft89/webserv/PREFRESH/piaconfig/properties/logging.properties -Dorg.apache.commons.logging.Log=org.apache.commons.logging.impl.Jdk14Logger -Dweblogic.Name=PIA -Dps_vault=/u01/app/psoft89/webserv/PREFRESH/piaconfig/properties/psvault -Djavax.net.ssl.trustStore=/u01/app/psoft89/webserv/PREFRESH/piaconfig/keystore/pskey -Dweblogic.ProductionModeEnabled=true -Djava.security.policy=/u01/app/psoft89/weblogic/wlserver_10.3/server/lib/weblogic.policy -Dssl.debug=false -Dps_home=/u01/app/psoft89 weblogic.Server

The files krb5.conf and krbLogin.conf exists and have full access.

With the error above it seems that it is not able to pick the configuration file. But just by changing the JAVA_HOME to /usr/java/jdk1.6_022 it starts working.

I have raised this concern with Oracle almost a month before, but still haven't got any reply from them.

Please help.

Thanks and Regards
Anirudha Singh
  • 1. Re: Error while integrating with Kerberos and AD
    Faisal Khan Expert
    Currently Being Moderated
    Hi Anirudha,

    Did you try giving the full path of the

    -Djava.security.auth.login.config=krbLogin.conf

    BTW where have you placed krbLogin.conf?

    -Faisal
  • 2. Re: Error while integrating with Kerberos and AD
    956112 Newbie
    Currently Being Moderated
    Hi Faisal,

    Thanks for your reply.
    Yes I have given the complete path too.
    This is the full command line of the weblogic server. I had modifed it to test if it is trying to pick it up from any default location.

    java -jrockit -XnoOpt -XXnoJITInline -Xms512m -Xmx512m -Dtoplink.xml.platform=oracle.toplink.platform.xml.jaxp.JAXPPlatform -Dcom.sun.xml.namespace.QName.useCompatibleSerialVersionUID=1.0 -Djava.security.krb5.conf=/etc/krb5.conf -Djava.security.auth.login.config=/etc/krbLogin.conf -Dsun.security.krb5.debug=true -Djavax.security.auth.useSubjectCredsOnly=false -Dweblogic.security.enableNegotiate=true -Dweblogic.Chunksize=65536 -Djava.util.logging.config.file=/u01/app/psoft89/webserv/PREFRESH/piaconfig/properties/logging.properties -Dorg.apache.commons.logging.Log=org.apache.commons.logging.impl.Jdk14Logger -Dweblogic.Name=PIA -Dps_vault=/u01/app/psoft89/webserv/PREFRESH/piaconfig/properties/psvault -Djavax.net.ssl.trustStore=/u01/app/psoft89/webserv/PREFRESH/piaconfig/keystore/pskey -Dweblogic.ProductionModeEnabled=true -Djava.security.policy=/u01/app/psoft89/weblogic/wlserver_10.3/server/lib/weblogic.policy -Dssl.debug=false -Dps_home=/u01/app/psoft89 weblogic.Server



    The file is located in /etc folder and has 777 permissions.

    Thanks and Regards
    Anirudha Singh
  • 3. Re: Error while integrating with Kerberos and AD
    Faisal Khan Expert
    Currently Being Moderated
    Hi Anirudha,

    It might be an issue with jrockit then.. please raise a ticket with Oracle Support and do let us know the solution.

    Thanks,
    Faisal

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points