WLS10.3.5 cannot accept kerberos ticket from Microsoft Forefront Threat Management Gateway 2010
Hi,
WebLogic Server 10.3.5 cannot accept kerberos ticket from Microsoft Forefront Threat Management Gateway 2010 on Microsoft Windows Server 2008 R2.
If my customer connects to WebLogic from Internet Explorer, kerberos authentication is successful,
but when kerberos comes from MS TMG 2010 server, it fails.
The WebLogic log contains information of "SPNEGONegotiateToken.discriminate: SPNEGO OID not found, not SPNEGO" :
...
####<Jan 7, 2013 7:00:31 PM CET> <Debug> <SecurityAtn> <hostname> <servername> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1357581631793> <BEA-000000> <SPNEGONegotiateToken.discriminate: SPNEGO static oid 0: 0606 2b06 0105 0502 ..+.....
>
####<Jan 7, 2013 7:00:31 PM CET> <Debug> <SecurityAtn> <hostname> <servername> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1357581631793> <BEA-000000> <SPNEGONegotiateToken.discriminate: SPNEGO in oid 0: 0609 2a86 4886 f712 ..*.H...
WebLogic Server 10.3.5 cannot accept kerberos ticket from Microsoft Forefront Threat Management Gateway 2010 on Microsoft Windows Server 2008 R2.
If my customer connects to WebLogic from Internet Explorer, kerberos authentication is successful,
but when kerberos comes from MS TMG 2010 server, it fails.
The WebLogic log contains information of "SPNEGONegotiateToken.discriminate: SPNEGO OID not found, not SPNEGO" :
...
####<Jan 7, 2013 7:00:31 PM CET> <Debug> <SecurityAtn> <hostname> <servername> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1357581631793> <BEA-000000> <SPNEGONegotiateToken.discriminate: SPNEGO static oid 0: 0606 2b06 0105 0502 ..+.....
>
####<Jan 7, 2013 7:00:31 PM CET> <Debug> <SecurityAtn> <hostname> <servername> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1357581631793> <BEA-000000> <SPNEGONegotiateToken.discriminate: SPNEGO in oid 0: 0609 2a86 4886 f712 ..*.H...
0