0 Replies Latest reply: Feb 26, 2013 1:41 PM by 934505 RSS

    GSSException: Server not found in Kerberos database (7) error

    934505
      I am pulling my hair to understand why I am having the problem below.

      I have the same application running on two solaris boxes. One is running OK. Another one give me the following error.
      Note that all the KDC, realms, username, pwd are the same on both boxes. The two solaris boxes are on the same network.

      2013-02-25 04:00:06 ERROR [LDAPAction - getContext] - Error Obtaining LDAP Context
      javax.naming.AuthenticationException: GSSAPI [Root exception is javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7))]]
           at com.sun.jndi.ldap.sasl.LdapSasl.saslBind(LdapSasl.java:150)
           at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:212)
           at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2720)
           at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:296)
           at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
           at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
           at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
           at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
           at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
           at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
           at javax.naming.InitialContext.init(InitialContext.java:223)
           at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
           at com.mylab.validation.common.util.LDAPAction.getContext(LDAPAction.java:53)
           at com.mylab.validation.common.util.LDAPAction.run(LDAPAction.java:31)
           at java.security.AccessController.doPrivileged(Native Method)
           at javax.security.auth.Subject.doAs(Subject.java:337)
           at com.mylab.validation.common.util.ADLoginModule.commit(ADLoginModule.java:262)
           at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
           at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
           at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
           at java.lang.reflect.Method.invoke(Method.java:597)
           at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
           at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
           at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
           at java.security.AccessController.doPrivileged(Native Method)
           at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
           at javax.security.auth.login.LoginContext.login(LoginContext.java:580)
           at com.mylab.validation.reports.util.InactivityReportUtility.initialize(InactivityReportUtility.java:110)
           at com.mylab.validation.reports.util.InactivityReportUtility.<init>(InactivityReportUtility.java:78)
           at com.mylab.validation.reports.util.InactivityReportUtility.main(InactivityReportUtility.java:142)
      Caused by: javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7))]
           at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(GssKrb5Client.java:194)
           at com.sun.jndi.ldap.sasl.LdapSasl.saslBind(LdapSasl.java:105)
           ... 29 more
      Caused by: GSSException: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7))
           at sun.security.jgss.krb5.Krb5Context.initSecContext(Krb5Context.java:663)
           at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:230)
           at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:162)
           at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(GssKrb5Client.java:175)
           ... 30 more
      Caused by: KrbException: Server not found in Kerberos database (7)
           at sun.security.krb5.KrbTgsRep.<init>(KrbTgsRep.java:61)
           at sun.security.krb5.KrbTgsReq.getReply(KrbTgsReq.java:185)
           at sun.security.krb5.internal.CredentialsUtil.serviceCreds(CredentialsUtil.java:294)
           at sun.security.krb5.internal.CredentialsUtil.acquireServiceCreds(CredentialsUtil.java:106)
           at sun.security.krb5.Credentials.acquireServiceCreds(Credentials.java:557)
           at sun.security.jgss.krb5.Krb5Context.initSecContext(Krb5Context.java:594)
           ... 33 more
      Caused by: KrbException: Identifier doesn't match expected value (906)
           at sun.security.krb5.internal.KDCRep.init(KDCRep.java:133)
           at sun.security.krb5.internal.TGSRep.init(TGSRep.java:58)
           at sun.security.krb5.internal.TGSRep.<init>(TGSRep.java:53)
           at sun.security.krb5.KrbTgsRep.<init>(KrbTgsRep.java:46)
           ... 38 more
      2013-02-25 04:00:06 ERROR [InactivityReportUtility - initialize] - Authentication attempt failed
      javax.security.auth.login.LoginException: java.lang.NullPointerException
           at com.mylab.validation.common.util.ADLoginModule.commit(ADLoginModule.java:278)
           at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
           at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
           at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
           at java.lang.reflect.Method.invoke(Method.java:597)
           at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
           at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
           at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
           at java.security.AccessController.doPrivileged(Native Method)
           at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
           at javax.security.auth.login.LoginContext.login(LoginContext.java:580)
           at com.mylab.validation.reports.util.InactivityReportUtility.initialize(InactivityReportUtility.java:110)
           at com.mylab.validation.reports.util.InactivityReportUtility.<init>(InactivityReportUtility.java:78)
           at com.mylab.validation.reports.util.InactivityReportUtility.main(InactivityReportUtility.java:142)