Kerberosスプリングjavax.security.auth.login.LoginException:ユーザーからパスワードを取得できません
既存のJava SpringアプリケーションにKerberos認証を実装しています。UNIXチームからSPN、krb5.conf、keytabファイルが提供されました。以下のコードと構成で一生懸命努力していますが、取得できません。以下の添付ログにあるように、ユーザー例外からのパスワード。
私が何か間違ったことをしている場合、または何がうまくいかない可能性がある場合、誰かが私を修正できますか?これについてさらに情報が必要な場合はお知らせください。誰かがKerberos構成が正しいかどうかを確認する方法を教えてくれるといいでしょう。
これが私が試したことです。私は使っている:
- JDK 1.6
- spring-security-kerberos-core-1.0.0.M2.jar
- spring-security-core-3.0.1.RELEASE.jar
- spring-security-config-3.0.1.RELEASE.jar
- spring-security-web-3.0.1.RELEASE.jar
私のsecurity-config.xmlは:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:beans="http://www.springframework.org/schema/beans"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<beans:bean class="com.ci.util.TrimmingPropertyPlaceholderConfigurer">
<beans:property name="searchSystemEnvironment" value="true" />
<beans:property name="locations">
<beans:list>
<beans:value>file:${install.home}/config/application.properties
</beans:value>
<beans:value>file:${install.home}/config/environment.properties
</beans:value>
</beans:list>
</beans:property>
</beans:bean>
<http entry-point-ref="spnegoEntryPoint" auto-config="false">
<intercept-url pattern="/selectBlacklisting*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/j_spring_security_check*" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/**" access="IS_AUTHENTICATED_FULLY" />
<custom-filter ref="spnegoAuthenticationProcessingFilter" position="BASIC_AUTH_FILTER" />
<form-login login-page="/selectBlacklisting.form" default-target-url="/" always-use-default-target="true"/>
</http>
<authentication-manager alias="authenticationManager">
<authentication-provider ref="kerberosServiceAuthenticationProvider" />
<authentication-provider ref="kerberosAuthenticationProvider"/>
</authentication-manager>
<beans:bean id="spnegoEntryPoint"
class="org.springframework.security.extensions.kerberos.web.SpnegoEntryPoint" />
<beans:bean id="spnegoAuthenticationProcessingFilter"
class="org.springframework.security.extensions.kerberos.web.SpnegoAuthenticationProcessingFilter">
<beans:property name="authenticationManager" ref="authenticationManager" />
</beans:bean>
<beans:bean id="kerberosServiceAuthenticationProvider"
class="org.springframework.security.extensions.kerberos.KerberosServiceAuthenticationProvider">
<beans:property name="ticketValidator">
<beans:bean
class="org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator">
<beans:property name="servicePrincipal" value="${servicePrincipal.url}"/>
<beans:property name="keyTabLocation" value="${keyTabLocation.url}" />
<beans:property name="debug" value="true"/>
</beans:bean>
</beans:property>
<beans:property name="userDetailsService" ref="dummyUserDetailsService" />
</beans:bean>
<beans:bean id="kerberosAuthenticationProvider" class="org.springframework.security.extensions.kerberos.KerberosAuthenticationProvider">
<beans:property name="kerberosClient">
<beans:bean class="org.springframework.security.extensions.kerberos.SunJaasKerberosClient">
<beans:property name="debug" value="true" />
</beans:bean>
</beans:property>
<beans:property name="userDetailsService" ref="dummyUserDetailsService" />
</beans:bean>
<beans:bean class="org.springframework.security.extensions.kerberos.GlobalSunJaasKerberosConfig">
<beans:property name="debug" value="true" />
<beans:property name="krbConfLocation" value="${krbConfLocation.url}" />
</beans:bean>
<beans:bean id="dummyUserDetailsService" class="com.ci.manager.interceptor.DummyUserDetailService"/>
</beans:beans>
上記のsecurity-config.xmlで使用されるプロパティ値:
servicePrincipal.url=HTTP/[email protected]
keyTabLocation.url=file:/MY_APP_ITE3/appmanager/50.T0.17/config/xyzcard-sit1.keytab
krbConfLocation.url=/etc/krb5/krb5.conf
My DummyUserDetailService:
public class DummyUserDetailService implements UserDetailsService {
private static final Logger LOGGER = Logger.getLogger(DummyUserDetailService.class);
public DummyUserDetailService(){
LOGGER.info("DummyUserDetailService constructor called>>>>>>>>>");
}
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
LOGGER.info("loadUserByUsername method called>>>>>>>>>"+username);
LOGGER.info("loadUserByUsername method called>AuthorityUtils.createAuthorityList>>>>>>>>"+AuthorityUtils.createAuthorityList("ROLE_USER"));
return new User(username, "notUsed",true, true, true, true, AuthorityUtils.createAuthorityList("ROLE_USER"));
}
}
私のweb.xmlは:
<web-app xmlns="http://Java.Sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://Java.Sun.com/xml/ns/j2ee http://Java.Sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<display-name>Customer Intelligence Management Tool</display-name>
<distributable/>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>
org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/security-config.xml</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>app-manager</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext.xml,
/WEB-INF/app-manager-servlet.xml
</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>app-manager</servlet-name>
<url-pattern>*.form</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>15</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>/WEB-INF/jsp/index.jsp</welcome-file>
</welcome-file-list>
<error-page>
<error-code>500</error-code>
<location>/WEB-INF/jsp/Error.jsp</location>
</error-page>
<error-page>
<error-code>404</error-code>
<location>/WEB-INF/jsp/FileNotFound.jsp</location>
</error-page>
</web-app>
例外を示すアプリケーションログ:
015-04-20 13:07:42 ERROR org.springframework.web.context.ContextLoader[ContextLoader.Java:219(initWebApplicationContext)] - Context initialization failed
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authentication.ProviderManager#0': Cannot create inner bean '(inner bean)' of type [org.springframework.security.config.authentication.AuthenticationManagerFactoryBean] while setting bean property 'parent'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)': FactoryBean threw exception on object creation; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Cannot resolve reference to bean 'kerberosServiceAuthenticationProvider' while setting bean property 'providers' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'kerberosServiceAuthenticationProvider' defined in ServletContext resource [/WEB-INF/security-config.xml]: Cannot create inner bean 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' of type [org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator] while setting bean property 'ticketValidator'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.Java:281)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.Java:125)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.Java:1308)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.Java:1067)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.Java:511)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.Java:450)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.Java:290)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.Java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.Java:287)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.Java:189)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.Java:562)
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.Java:871)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.Java:423)
at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.Java:272)
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.Java:196)
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.Java:47)
at org.Apache.catalina.core.StandardContext.listenerStart(StandardContext.Java:3764)
at org.Apache.catalina.core.StandardContext.start(StandardContext.Java:4216)
at org.Apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.Java:760)
at org.Apache.catalina.core.ContainerBase.addChild(ContainerBase.Java:740)
at org.Apache.catalina.core.StandardHost.addChild(StandardHost.Java:544)
at org.Apache.catalina.startup.HostConfig.deployWAR(HostConfig.Java:825)
at org.Apache.catalina.startup.HostConfig.deployWARs(HostConfig.Java:714)
at org.Apache.catalina.startup.HostConfig.deployApps(HostConfig.Java:490)
at org.Apache.catalina.startup.HostConfig.start(HostConfig.Java:1138)
at org.Apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.Java:311)
at org.Apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.Java:120)
at org.Apache.catalina.core.ContainerBase.start(ContainerBase.Java:1022)
at org.Apache.catalina.core.StandardHost.start(StandardHost.Java:736)
at org.Apache.catalina.core.ContainerBase.start(ContainerBase.Java:1014)
at org.Apache.catalina.core.StandardEngine.start(StandardEngine.Java:443)
at org.Apache.catalina.core.StandardService.start(StandardService.Java:448)
at org.Apache.catalina.core.StandardServer.start(StandardServer.Java:700)
at org.Apache.catalina.startup.Catalina.start(Catalina.Java:552)
at Sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at Sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.Java:39)
at Sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.Java:25)
at Java.lang.reflect.Method.invoke(Method.Java:597)
at org.Apache.catalina.startup.Bootstrap.start(Bootstrap.Java:295)
at org.Apache.catalina.startup.Bootstrap.main(Bootstrap.Java:433)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)': FactoryBean threw exception on object creation; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Cannot resolve reference to bean 'kerberosServiceAuthenticationProvider' while setting bean property 'providers' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'kerberosServiceAuthenticationProvider' defined in ServletContext resource [/WEB-INF/security-config.xml]: Cannot create inner bean 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' of type [org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator] while setting bean property 'ticketValidator'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user
at org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.Java:150)
at org.springframework.beans.factory.support.FactoryBeanRegistrySupport.getObjectFromFactoryBean(FactoryBeanRegistrySupport.Java:109)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.Java:274)
... 39 more
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Cannot resolve reference to bean 'kerberosServiceAuthenticationProvider' while setting bean property 'providers' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'kerberosServiceAuthenticationProvider' defined in ServletContext resource [/WEB-INF/security-config.xml]: Cannot create inner bean 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' of type [org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator] while setting bean property 'ticketValidator'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.Java:328)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.Java:106)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.Java:355)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.Java:153)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.Java:1308)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.Java:1067)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.Java:511)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.Java:450)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.Java:290)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.Java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.Java:287)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.Java:189)
at org.springframework.security.config.authentication.AuthenticationManagerFactoryBean.getObject(AuthenticationManagerFactoryBean.Java:27)
at org.springframework.security.config.authentication.AuthenticationManagerFactoryBean.getObject(AuthenticationManagerFactoryBean.Java:20)
at org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.Java:143)
... 41 more
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'kerberosServiceAuthenticationProvider' defined in ServletContext resource [/WEB-INF/security-config.xml]: Cannot create inner bean 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' of type [org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator] while setting bean property 'ticketValidator'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.Java:281)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.Java:120)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.Java:1308)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.Java:1067)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.Java:511)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.Java:450)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.Java:290)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.Java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.Java:287)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.Java:189)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.Java:322)
... 55 more
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator#6e41b5' defined in ServletContext resource [/WEB-INF/security-config.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Unable to obtain password from user
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.Java:1403)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.Java:513)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.Java:450)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.Java:270)
... 65 more
Caused by: javax.security.auth.login.LoginException: Unable to obtain password from user
at com.Sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.Java:789)
at com.Sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.Java:654)
at com.Sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.Java:542)
at Sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at Sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.Java:39)
at Sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.Java:25)
at Java.lang.reflect.Method.invoke(Method.Java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.Java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.Java:186)
at javax.security.auth.login.LoginContext$5.run(LoginContext.Java:706)
at Java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeCreatorPriv(LoginContext.Java:703)
at javax.security.auth.login.LoginContext.login(LoginContext.Java:575)
at org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator.afterPropertiesSet(SunJaasKerberosTicketValidator.Java:125)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.Java:1460)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.Java:1400)
... 68 more
サーバーログ:
Apr 22, 2015 8:29:38 AM org.Apache.catalina.loader.WebappClassLoader validateJarFile
INFO: validateJarFile(/MY_APP_ITE3/appmanager/50.T0.17/catalina_base/work/Catalina/localhost/app-manager/WEB-INF/lib/j2ee-1.4.jar) - jar not loaded. See Servlet Spec 2.3, section 9.7.2. Offending class: javax/servlet/Servlet.class
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt true ticketCache is null isInitiator false KeyTab is file:/MY_APP_ITE3/appmanager/50.T0.17/catalina_base/conf/xyzcard-sit1.keytab refreshKrb5Config is false principal is HTTP/[email protected] tryFirstPass is false useFirstPass is false storePass is false clearPass is false
>>> KeyTabInputStream, readName(): SYSTEMS.PRIVATE
>>> KeyTabInputStream, readName(): HTTP
>>> KeyTabInputStream, readName(): srv-xyzcard-sit1.systems.private
>>> KeyTab: load() entry length: 88; type: 23
Key for the principal HTTP/[email protected] not available in file:/MY_APP_ITE3/appmanager/50.T0.17/catalina_base/conf/xyzcard-sit1.keytab
[Krb5LoginModule] authentication failed
Unable to obtain password from user
Apr 22, 2015 8:29:52 AM org.Apache.catalina.core.StandardContext start
ご返信ありがとうございます。私は問題を解決しました、問題は私のキータブでした。キータブファイルに、探していたSPNが含まれていませんでした。間違ったSPNで生成されました。いくつかのダミーSPNを試してみたところ、同じ例外が発生していることがわかり、チームに新しいキータブを検証または生成するように依頼しました。
これは、security-configでプロパティ値が解決されていないことが原因である可能性があります。フォローをハードコーディングして再試行できますか?
<beans:property name="servicePrincipal" value="HTTP/[email protected]"/>
<beans:property name="keyTabLocation" value="file:YOUR KEY TAB LOCATION >>/mykey.keytabl" />
Javax.security.auth.login.LoginContextのinitメソッドからエラーがスローされたため、keytabファイルに関するものであるか、サービスの原則が正しく設定されていません。
時々あなたの問題はこの状況が愚かであるということです(私のように):keytabファイルへの間違った方法。