3 Replies Latest reply: Aug 21, 2012 3:06 PM by Faisal Khan RSS

    Error while integrating with Kerberos and AD

    956112
      Hi,

      Implementing Kerberos as the Desktop Single Signon Solution

      Environment : Peoplesoft
      OS : Redhat Linux
      webserver: Weblogic 10.3.4
      appserver : tuxedo 10gr3

      While doing this implementation I was able to complete it successfully with the JDK linux has provided(1.6.0_22). However the weblogic comes preconfigured with jrockit jdk version1.6.0_24-R28.1.3-4.0.1. When I start the weblogic with jrockit jdk as java_home I am getting the following error.


      <Error> <HTTP> <BEA-101165> <Could not load user defined filter in web.xml: com.peoplesoft.pt.desktopsso.kerberos.KerberosSSOFilter.
      java.lang.IllegalArgumentException: No Configuration was registered that can handle the configuration named krbServer
      at com.bea.common.security.jdkutils.JAASConfiguration.getAppConfigurationEntry(JAASConfiguration.java:130)
      at javax.security.auth.login.LoginContext.init(LoginContext.java:243)
      at javax.security.auth.login.LoginContext.<init>(LoginContext.java:334)
      at com.peoplesoft.pt.desktopsso.kerberos.KerberosSSOFilter.init(KerberosSSOFilter.java:142)
      at weblogic.servlet.internal.FilterManager$FilterInitAction.run(FilterManager.java:332)
      at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
      at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
      at weblogic.servlet.internal.FilterManager.loadFilter(FilterManager.java:98)
      at weblogic.servlet.internal.FilterManager.preloadFilters(FilterManager.java:59)
      at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1878)
      at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:3154)
      at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1508)
      at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:485)
      at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:427)
      at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
      at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
      at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:201)
      at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:249)
      at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:427)
      at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
      at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
      at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:28)
      at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:637)
      at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
      at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:205)
      at weblogic.application.internal.EarDeployment.activate(EarDeployment.java:58)
      at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:161)
      at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79)
      at weblogic.deploy.internal.targetserver.BasicDeployment.activate(BasicDeployment.java:184)
      at weblogic.deploy.internal.targetserver.BasicDeployment.activateFromServerLifecycle(BasicDeployment.java:361)
      at weblogic.management.deploy.internal.DeploymentAdapter$1.doActivate(DeploymentAdapter.java:52)
      at weblogic.management.deploy.internal.DeploymentAdapter.activate(DeploymentAdapter.java:200)
      at weblogic.management.deploy.internal.AppTransition$2.transitionApp(AppTransition.java:31)
      at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
      at weblogic.management.deploy.internal.ConfiguredDeployments.activate(ConfiguredDeployments.java:170)
      at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:124)
      at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:181)
      at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:97)
      at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
      at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
      at weblogic.work.ExecuteThread.run(ExecuteThread.java:176)

      these are my runtime parameters

      java -jrockit -XnoOpt -XXnoJITInline -Xms512m -Xmx512m -Dtoplink.xml.platform=oracle.toplink.platform.xml.jaxp.JAXPPlatform -Dcom.sun.xml.namespace.QName.useCompatibleSerialVersionUID=1.0 -Djava.security.krb5.conf=/etc/krb5.conf -Djava.security.auth.login.config=krbLogin.conf -Dsun.security.krb5.debug=true -Djavax.security.auth.useSubjectCredsOnly=false -Dweblogic.Chunksize=65536 -Djava.util.logging.config.file=/u01/app/psoft89/webserv/PREFRESH/piaconfig/properties/logging.properties -Dorg.apache.commons.logging.Log=org.apache.commons.logging.impl.Jdk14Logger -Dweblogic.Name=PIA -Dps_vault=/u01/app/psoft89/webserv/PREFRESH/piaconfig/properties/psvault -Djavax.net.ssl.trustStore=/u01/app/psoft89/webserv/PREFRESH/piaconfig/keystore/pskey -Dweblogic.ProductionModeEnabled=true -Djava.security.policy=/u01/app/psoft89/weblogic/wlserver_10.3/server/lib/weblogic.policy -Dssl.debug=false -Dps_home=/u01/app/psoft89 weblogic.Server

      The files krb5.conf and krbLogin.conf exists and have full access.

      With the error above it seems that it is not able to pick the configuration file. But just by changing the JAVA_HOME to /usr/java/jdk1.6_022 it starts working.

      I have raised this concern with Oracle almost a month before, but still haven't got any reply from them.

      Please help.

      Thanks and Regards
      Anirudha Singh
        • 1. Re: Error while integrating with Kerberos and AD
          Faisal Khan
          Hi Anirudha,

          Did you try giving the full path of the

          -Djava.security.auth.login.config=krbLogin.conf

          BTW where have you placed krbLogin.conf?

          -Faisal
          • 2. Re: Error while integrating with Kerberos and AD
            956112
            Hi Faisal,

            Thanks for your reply.
            Yes I have given the complete path too.
            This is the full command line of the weblogic server. I had modifed it to test if it is trying to pick it up from any default location.

            java -jrockit -XnoOpt -XXnoJITInline -Xms512m -Xmx512m -Dtoplink.xml.platform=oracle.toplink.platform.xml.jaxp.JAXPPlatform -Dcom.sun.xml.namespace.QName.useCompatibleSerialVersionUID=1.0 -Djava.security.krb5.conf=/etc/krb5.conf -Djava.security.auth.login.config=/etc/krbLogin.conf -Dsun.security.krb5.debug=true -Djavax.security.auth.useSubjectCredsOnly=false -Dweblogic.security.enableNegotiate=true -Dweblogic.Chunksize=65536 -Djava.util.logging.config.file=/u01/app/psoft89/webserv/PREFRESH/piaconfig/properties/logging.properties -Dorg.apache.commons.logging.Log=org.apache.commons.logging.impl.Jdk14Logger -Dweblogic.Name=PIA -Dps_vault=/u01/app/psoft89/webserv/PREFRESH/piaconfig/properties/psvault -Djavax.net.ssl.trustStore=/u01/app/psoft89/webserv/PREFRESH/piaconfig/keystore/pskey -Dweblogic.ProductionModeEnabled=true -Djava.security.policy=/u01/app/psoft89/weblogic/wlserver_10.3/server/lib/weblogic.policy -Dssl.debug=false -Dps_home=/u01/app/psoft89 weblogic.Server



            The file is located in /etc folder and has 777 permissions.

            Thanks and Regards
            Anirudha Singh
            • 3. Re: Error while integrating with Kerberos and AD
              Faisal Khan
              Hi Anirudha,

              It might be an issue with jrockit then.. please raise a ticket with Oracle Support and do let us know the solution.

              Thanks,
              Faisal