LDAP Query

This my code and configuration,

Specification ::

-

Webshpere application server 6.0v

Windows XP pro

CODE ::

--

try {

LoginContext lc = null;

lc = new LoginContext("AS4002WEBJAASLogin", new EmployeeWebLoginCallbackHandler(username, password));

lc.login();

Subject.doAs(lc.getSubject(), new QueryLDAPPrivilegedAction(args));

}catch(Exception fle) {}

public class QueryLDAPPrivilegedAction implements PrivilegedAction {

private String[] args;

public QueryLDAPPrivilegedAction(String[] origArgs) {

this.args = (String[])origArgs.clone();

}

public Object run(){

performQueryOperation(args);

return null;

}

private void performQueryOperation(String[] args){

Hashtable env = new Hashtable(11);

env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");

env.put(Context.PROVIDER_URL, "ldap://URL:389");

env.put(Context.SECURITY_AUTHENTICATION, "GSSAPI");

try {

DirContext ctx = new InitialDirContext(env);

//tried using the ldapdircontext class also

SearchControls searchCtls = new SearchControls();

searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);

String searchFilter = "(&(objectClass=user)(userPrincipalName="+args[0]+"))";

System.out.println(" Search Filter "+searchFilter);

String searchBase = "DC=XXX,DC=COM";

String returnedAtts[]={"distinguishedName", "memberOf"};

searchCtls.setReturningAttributes(returnedAtts);

NamingEnumeration result = ctx.search(searchBase, searchFilter, searchCtls);

while (result.hasMoreElements()) {

SearchResult sr = (SearchResult)result.next();

log.info("Search Result Name: " + sr.getName());

Attributes attrs = sr.getAttributes();

if (attrs != null) {

try {

for (NamingEnumeration ae = attrs.getAll();ae.hasMore();) {

Attribute attr12 = (Attribute)ae.next();

log.info("\tAttribute: " + attr12.getID());

if(attr12.getID().equalsIgnoreCase("memberOf")){

for (NamingEnumeration e = attr12.getAll();e.hasMore();) {

String value = e.next().toString();

log.info("\t\t value: " + value );

}

}else if(attr12.getID().equalsIgnoreCase("distinguishedName")){

for (NamingEnumeration e = attr12.getAll();e.hasMore();) {

String value = e.next().toString();

log.info("\t\t" + value);

}

}

}

}catch (NamingException e){

log.info(" LDAP Problem In Listing Attribute Info --> " + e);

e.printStackTrace();

}

}

}

ctx.close();

}catch (NamingException e) {

log.info(" LDAP Problem In Creating IntialContext "+e);

e.printStackTrace();

}

}

Websphere JAAS conf

-

AS4002WEBJAASLogin{

com.ibm.security.auth.module.Krb5LoginModule required useDefaultCcache=false credsType=both tryFirstPass=true forwardable=true noAddress=true;

};

Kerberos conf

-

[libdefaults]

default_realm = XXXX.COM

default_tkt_enctypes = des-cbc-md5

default_tgs_enctypes = des-cbc-md5

[realms]

XXXX.COM = {

kdc = XXXX.COM

}

[domain_realm]

.XXXX.COM = XXXX.COM

XXXX.COM = XXXX.COM

I could successfully run this code as Java application in netbeans as a web application in Webshere I could not.

If I change the Context.Security Authentication to "simple" and pass the principleusername and password the code is working but I need to use the credentials of kerberos ticket returned while JAAS authentication.

I searched the whole net but I could not find a solution for this. I am not sure where the problem is.

Please help me, I am breaking my head for the past two days.

bdsaia at 2007-7-12 0:14:05 >

How are you specifying the username ?

I had similar problems with Active Directory, and found the freeware tool JXplorer to be invaluable to testing connection problems and LDAP queries first, before I even touched the code.

Normal LDAP usernames are specified something like

cn=omcgovern,dc=dublin,dc=javasoft,dc=com

where dublin.javasoft.com is the fully qualified Active Directory domain controller name.

( Active Directory usually runs under WIndows 2003 Server, which itself acts as a network domain controller )

BUT Active Directory doesn't accept that username style.

You have to connect to Active Directory via LDAP as

omcgovern@dublin.javasoft.com

so try using that naming style first.

And use JXplorer to test your connection strings.

regards,

Owen

omcgoverna at 2007-7-12 0:14:05 >

Updated the latest IBM JVM fix but still having the same problem.

I haven't enabled the security manager. System.getSecurityManager returns null.

Trace ::

JRE :: IBM Java Version 1.4.2

[JGSS_DBG_CRED] JAAS config: debug=true

[JGSS_DBG_CRED] JAAS config: credsType=initiate and accept

[JGSS_DBG_CRED] JAAS config: useDefaultCcache=false (default)

[JGSS_DBG_CRED] JAAS config: useDefaultKeytab=false (default)

[JGSS_DBG_CRED] JAAS config: forwardable=false (default)

[JGSS_DBG_CRED] JAAS config: proxiable=false (default)

[JGSS_DBG_CRED] JAAS config: noAddress=false (default)

[JGSS_DBG_CRED] JAAS config: tryFirstPass=false (default)

[JGSS_DBG_CRED] JAAS config: useFirstPass=false (default)

[JGSS_DBG_CRED] JAAS config: moduleBanner=false (default)

[JGSS_DBG_CRED] JAAS config: interactive login? yes

[JGSS_DBG_CRED] Creating service key for principal user@XXX.COM

[KRB_DBG_KDC] EncryptionKey:main: >>> EncryptionKey: config default key type is des-cbc-md5

[JGSS_DBG_PROV] IBMJGSSProvider (version 1.42) loaded

[KRB_DBG_KDC] Credentials:main: >>> Credentials: Created Credentials with 1 keys. Key types:

[KRB_DBG_KDC] Credentials:main: [1] des-cbc-md5

[KRB_DBG_KDC] Credentials:main:Client Name:user@XXX.COM

[JGSS_DBG_CRED] Doing Kerberos login for principal user@XXX.COM

[KRB_DBG_KDC] HostAddresses:main: >>> KrbKdcReq local addresses for SPARE-2Z55441 are:

[KRB_DBG_KDC] HostAddresses:main:

SPARE-2Z55441/10.10.10.130

[KRB_DBG_AS] KrbAsReq:main: >>> KrbAsReq calling createMessage

[KRB_DBG_AS] KrbAsReq:main: >>> KrbAsReq in createMessage

[KRB_DBG_AS] KrbAsReq:main: request etypes:

[1] des-cbc-md5

[KRB_DBG_KDC] KrbKdcReq:main: >>> KrbKdcReq send: kdc=XXX.COM UDP:88, timeout=30000, number of retries =3, #bytes=233

[KRB_DBG_KDC] KrbKdcReq:main: >>> KrbKdcReq send: #bytes read=1279

[KRB_DBG_KDC] KrbKdcReq:main: >>> KrbKdcReq send: #bytes read=1279

[JGSS_DBG_CRED] trying key type des-cbc-md5

[KRB_DBG_AS] KrbAsRep:main: AS Reply from the KDC:0000: 6b 82 04 fb 30 82 04 f7 a0 03 02 01 05 a1 03 02 k...0...........

0010: 01 0b a2 1e 30 1c 30 1a a1 03 02 01 03 a2 13 04 ....0.0.........

0020: 11 57 41 49 43 2e 43 4f 4d 64 65 6e 74 79 74 65 .XXX.COM

0030: 63 68 a3 0a 1b 08 57 41 49 43 2e 43 4f 4d a4 16 ch....XXX.COM..

0040: 30 14 a0 03 02 01 03 a1 0d 30 0b 1b 09 64 65 6e 0........0...

0050: 74 79 74 65 63 68 a5 82 03 9d 61 82 03 99 30 82 ....a...0.

0060: 03 95 a0 03 02 01 05 a1 0a 1b 08 57 41 49 43 2e ...........XXX.

0070: 43 4f 4d a2 1d 30 1b a0 03 02 01 00 a1 14 30 12 COM..0........0.

0080: 1b 06 6b 72 62 74 67 74 1b 08 57 41 49 43 2e 43 ..krbtgt..XXX.C

0090: 4f 4d a3 82 03 61 30 82 03 5d a0 03 02 01 03 a2 OM...a0.........

00a0: 82 03 54 04 82 03 50 f1 c4 8a f5 7d 79 06 de 50 ..T...P.....y..P

00b0: 12 24 fc a7 26 5b 6a 7d 1f 20 85 9e a3 06 0a cc ......j.........

00c0: 59 c3 a5 32 5b a8 77 c9 f9 92 cd 3a 36 3e 73 b7 Y..2..w.....6.s.

00d0: 40 46 ae 7e 27 c7 17 7d 8b ce 5b 25 3f a3 71 36 .F............q6

00e0: 8b e7 d0 3f 2d a7 4b 82 ad de 52 b8 2a 7f 8f 65 ......K...R....e

00f0: 75 1e 52 9e 7c c7 57 03 44 45 ba cb 12 aa 2b 46 u.R...W.DE.....F

0100: 1e ef 0d 3b dc 74 ae e7 27 ce 2e 10 e2 ed 25 95 .....t..........

0110: fa 4a 18 82 b8 19 81 92 12 b2 f7 64 0e 0b a4 fd .J.........d....

0120: 84 17 cc 08 46 5e d1 3a cf 67 47 fe d7 dd bc 04 ....F....gG.....

0130: 5b 60 20 17 a0 db 8e c3 43 fe 36 a7 0c 5f f8 fa ........C.6.....

0140: 27 b6 ee 36 ec 1d 7a cb 41 83 59 74 8a 82 16 84 ...6..z.A.Yt....

0150: 3f 61 35 70 d1 0e 0b 0e 19 db 3a 5d c6 d8 04 84 .a5p............

0160: 47 2f b1 b4 af 3e f4 85 74 75 3a 0b bb 11 57 0e G.......tu....W.

0170: 73 ca f7 f0 b8 1b 93 20 3f 1d 69 cb fc 33 23 1c s.........i..3..

0180: 0c 11 0c 0d de 06 e3 8b e6 de 14 5b 84 73 e5 d1 .............s..

0190: 6b b0 fe 42 52 38 bc 19 1a 14 4c a8 91 c0 84 09 k..BR8....L.....

01a0: a7 0a 67 9b c6 26 cd 61 b1 e3 90 e4 14 24 9a 4a ..g....a.......J

01b0: 15 d3 1f d0 1b 2e de 09 1a 14 cb f3 a8 1a 93 30 ...............0

01c0: 0c d2 8b 9b c6 26 67 95 ba 0e e9 5b 85 e0 d6 8e ......g.........

01d0: 53 c9 e7 ee 78 7a 02 3c 7d 57 d8 21 97 21 16 b0 S...xz...W......

01e0: 17 e6 35 06 3e aa af 5e ac 2d 56 5b e5 4c cf cf ..5.......V..L..

01f0: ea 8b 1c a3 05 1b 95 fa c6 83 53 3a dc f5 37 0f ..........S...7.

0200: f9 6e 92 f1 c2 a1 94 58 76 54 58 6c 5f 85 eb df .n.....XvTXl....

0210: 80 0f a8 9c d8 3d 93 fb 04 e0 52 56 8e 0f 2a be ..........RV....

0220: de 6a 28 ba 1b 59 01 e8 0d cb 27 05 c1 e9 35 82 .j...Y........5.

0230: a6 e7 89 c6 82 24 12 94 1d 57 77 3d 1e 3d fa c7 .........Ww.....

0240: d8 d1 c8 f7 de 01 48 23 0d 70 2d 0e 48 0e 64 06 ......H..p..H.d.

0250: 15 f3 91 f7 0e e2 e7 e6 74 cb fe 73 41 28 19 4b ........t..sA..K

0260: bc f3 6c bc 77 46 67 e4 e0 95 ab 69 ce 4c e9 73 ..l.wFg....i.L.s

0270: a2 24 fc c7 5a e2 3c be 58 34 49 7b 80 e9 2f 9c ....Z...X4I.....

0280: 92 69 5c 78 7d 49 82 64 eb 07 0b 04 2d 74 d5 d4 .i.x.I.d.....t..

0290: 43 4e 5c d3 e0 be 97 b7 04 d2 79 13 a0 a6 47 83 CN........y...G.

02a0: 61 35 9e 5d 93 e4 bd 02 b2 0f 87 a0 a6 18 13 57 a5.............W

02b0: e8 10 05 c3 9b 79 0b c4 08 d4 19 ea 22 28 1c 7a .....y.........z

02c0: e7 79 be 1d ca 43 ed 4b aa ab 7d 5d 48 e8 55 cd .y...C.K....H.U.

02d0: e9 2d cd 7f 89 31 03 5c c5 27 eb c0 9e b7 7f 67 .....1.........g

02e0: df 16 37 f7 f5 d9 0b 8f 1a e0 22 17 0f 28 03 12 ..7.............

02f0: 7f 4f 89 9b 7c ec 01 d4 87 dd b6 ec 97 03 34 f2 .O............4.

0300: 44 5d e9 fc e2 87 8e 42 f1 1b 7c 5a e3 a7 48 85 D......B...Z..H.

0310: 13 4b 7c bf 68 84 72 40 4b f3 4b ea 0d 5f 38 67 .K..h.r.K.K...8g

0320: f8 be f9 14 5c 36 9f ba 03 4c 6d dd b1 60 0a 24 .....6...Lm.....

0330: f9 96 10 40 f7 46 59 bc cd 4c ff 22 98 bd 14 79 .....FY..L.....y

0340: 91 d9 a0 5f 8c d5 a9 f7 a0 99 db 35 6e ab 1d bb ...........5n...

0350: 2c 2c 22 51 6f 0d 69 23 96 9b 8b f7 3f 43 74 19 ...Qo.i......Ct.

0360: 8b 52 f1 83 da 15 04 9d 11 dd 25 3a 36 8d 1b b4 .R..........6...

0370: b0 68 f1 1c 29 a8 6d f1 42 8b fc cf 56 71 ed 8a .h....m.B...Vq..

0380: 27 2d 31 0e db b2 45 3d 44 0b 34 7d ab 31 a6 d2 ..1...E.D.4..1..

0390: 6b 1d 96 7d f8 3e 2d eb 06 87 f5 a8 0f 74 f3 1f k............t..

03a0: 25 18 85 92 55 14 7d 05 4e 96 e0 75 4b ed 7d ca ....U...N..uK...

03b0: 92 64 11 3f 7b 61 96 ca 74 5d fd 3e 21 0b b0 a9 .d...a..t.......

03c0: 36 b3 25 d8 b6 96 8f 04 eb 89 5c c3 f9 a9 cf 6d 6..............m

03d0: 39 32 a2 03 d4 a9 d5 a0 9b fc 76 68 f6 64 24 9b 92........vh.d..

03e0: 09 c5 be 73 f9 fd d2 52 34 ca 3a 66 ef 06 b4 fe ...s...R4..f....

03f0: 14 24 14 85 c8 3b 81 a6 82 01 04 30 82 01 00 a0 ...........0....

0400: 03 02 01 03 a1 03 02 01 01 a2 81 f3 04 81 f0 a4 ................

0410: 65 ba 57 f2 7a 2e fb f6 73 46 c6 f8 7d f8 c0 a0 e.W.z...sF......

0420: 82 96 a7 cb df ad 4c ca 0c 2e 0b 66 34 6d 10 6c ......L....f4m.l

0430: 0f a1 5a 63 4e 61 4a e6 ca 2d ac 4e 4b f4 68 26 ..ZcNaJ....NK.h.

0440: c4 a2 b1 32 37 cb f9 6f b2 73 95 60 00 18 13 2e ...27..o.s......

0450: e6 05 3e 67 97 7d 77 2d 9e 7b 4d 6c 2a 36 5e 17 ...g..w...Ml.6..

0460: 6d fd 16 96 4a 33 d1 57 07 c0 b5 67 49 4b 9d b9 m...J3.W...gIK..

0470: d6 9e 14 26 e6 3f 16 e1 75 e6 37 55 0a 83 65 5a ........u.7U..eZ

0480: dc 5e 90 2d 3e ba ba c4 a9 0e 34 34 57 39 8a 92 ..........44W9..

0490: ac 86 77 65 8a 0d a7 e0 f1 66 42 2c 34 d2 fe a3 ..we.....fB.4...

04a0: 85 66 1b e2 2a f1 28 31 2b 2a df 67 73 53 5f 84 .f.....1...gsS..

04b0: 6b 23 56 ee 9b d0 99 83 c8 1b ba b1 5c b9 89 03 k.V.............

04c0: 13 d0 b9 61 6f c2 bb 88 a7 af 1d 2e 65 14 84 38 ...ao.......e..8

04d0: 1f f9 b2 4b 18 5a a4 78 1d 58 32 9e 77 e3 8e be ...K.Z.x.X2.w...

04e0: da fa 7c 9c 19 b6 55 52 fb c6 e3 70 e0 ed e9 b7 ......UR...p....

04f0: fb a5 45 69 96 d7 fc 3d ac fa 78 de 5c 94 85..Ei......x....

[KRB_DBG_AS] KrbAsRep:main: >>> KrbAsRep client in AS REP user

[KRB_DBG_AS] KrbAsRep:main: >>> KrbAsRep session key type in AS REP des-cbc-md5

[KRB_DBG_AS] KrbAsRep:main: >>> KrbAsRep session key in AS REP:

0000: e5 0b d5 32 c1 dc f1 d5...2....

[JGSS_DBG_CRED] Kerberos login complete

[KRB_DBG_KDC] Credentials:main:Client Name:user@XXX.COM

[KRB_DBG_KDC] Credentials:main: Session Key is Only Service Key

[KRB_DBG_KDC] Credentials:main: Session Key is Only Service Key

[JGSS_DBG_CRED] Login successful

[JGSS_DBG_CRED] user@XXX.COM added to Subject

[JGSS_DBG_CRED] Kerberos ticket for user@XXX.COM added to Subject

[JGSS_DBG_CRED] Attempting to add 1 Kerberos key(s) to Subject for user@XXX.COM

[JGSS_DBG_CRED] added key of type des-cbc-md5

[JGSS_DBG_CRED] Successfully added 1 keys to Subject.

Logged in

Before Creating Context

[JGSS_DBG_PROV] Number of system providers=4

[JGSS_DBG_PROV] getMechOidFromProperty: mech oid string = 1.2.840.113554.1.2.2

[JGSS_DBG_PROV] 1 system providers found/added

[JGSS_DBG_PROV] getMechOidFromProperty: mech oid string = 1.2.840.113554.1.2.2

[JGSS_DBG_PROV] getMechs: Mechanism(s) supported by provider IBMJGSSProvider

[JGSS_DBG_PROV] 1.2.840.113554.1.2.2

[JGSS_DBG_PROV] getMechs: 1 unique mechanism(s) found

[JGSS_DBG_PROV] [0]: 1.2.840.113554.1.2.2

[JGSS_DBG_CRED] MN not found; creating one

[JGSS_DBG_PROV] Created new (empty) factory list (size=1) for provider IBMJGSSProvider version 1.42

[JGSS_DBG_PROV] Loading factory

[JGSS_DBG_PROV] Factory class name for provider IBMJGSSProvider version 1.42 is com.ibm.security.jgss.mech.krb5.Krb5MechFactory

[JGSS_DBG_PROV] Loaded factory for provider IBMJGSSProvider version 1.42

[JGSS_DBG_PROV] Loaded factory ok

[JGSS_DBG_PROV] getFactory: index = 0 found factory

[JGSS_DBG_CRED] FQDN=xxxx.XXX.com

[JGSS_DBG_CRED] Cannonicalizing hostbased service name ldap@xxxx.XXX.com

[JGSS_DBG_CRED] Hostname xxxx.XXX.com

[JGSS_DBG_CRED] No realm from cfg domain-realm mapping for hostname

[JGSS_DBG_CRED] Domain .XXX.com

[JGSS_DBG_CRED] Realm XXX.COM

[JGSS_DBG_CRED] Name cannonicalization complete, resulting name string=ldap/xxxx.XXX.com@XXX.COM

[JGSS_DBG_CRED] Krb5 name type = 3

[JGSS_DBG_CTX] Creating context, initiator = yes, input cred = null

[JGSS_DBG_CTX] Creating default initiator creds

[JGSS_DBG_CRED] Creating mech cred for null, mech 1.2.840.113554.1.2.2, usage initiate only

[JGSS_DBG_PROV] getFactory: index = 0 found factory

[JGSS_DBG_CRED] Obtaining Subject creds for default principal

[JGSS_DBG_CRED] SubjectCredFinder: client=null, server=null

[JGSS_DBG_CRED] SubjectCredFinder (default) KerberosTicket: client=user@XXX.COM, server=krbtgt/XXX.COM@XXX.COM

[JGSS_DBG_CRED] Got client creds from Subject

[KRB_DBG_KDC] Credentials:main:Client Name:user@XXX.COM

[JGSS_DBG_CRED] Got creds for user@XXX.COM

[JGSS_DBG_CRED] Kerberos ticket end time: (1177729195 secs) Fri Apr 27 19:59:55 PDT 2007

[JGSS_DBG_CRED] Remaining lifetime of kerberos ticket: 36000 secs

[JGSS_DBG_CRED] Requested initLifetime: 2147483647 secs

[JGSS_DBG_CRED] Starttime: (1177693195 secs) Fri Apr 27 09:59:55 PDT 2007

[JGSS_DBG_CRED] InitLifetime: 36000 secs

[JGSS_DBG_CRED] Adding mech cred

[JGSS_DBG_CTX] Creating context, cred usage = 1

[JGSS_DBG_PROV] getFactory: index = 0 found factory

[JGSS_DBG_PROV] getMechs: Mechanism(s) supported by provider IBMJGSSProvider

[JGSS_DBG_PROV] 1.2.840.113554.1.2.2

[JGSS_DBG_PROV] getMechs: 1 unique mechanism(s) found

[JGSS_DBG_PROV] [0]: 1.2.840.113554.1.2.2

[JGSS_DBG_CTX] Default list of negotiable mechs:

1.2.840.113554.1.2.2

[JGSS_DBG_CTX] initSecContext: first time? true

[JGSS_DBG_CTX] initSecContext: ignoring input

[JGSS_DBG_CTX] Acquiring service creds/ticket for server ldap/xxxx.XXX.com@XXX.COM

[JGSS_DBG_CRED] Obtaining Subject creds for for server user@XXX.COM

[JGSS_DBG_CRED] Retrieved 1 keys from Subject. Key types:

[1] des-cbc-md5

[JGSS_DBG_CRED] SubjectCredFinder: client=user@XXX.COM, server=ldap/xxxx.XXX.com@XXX.COM

[KRB_DBG_KDC] Credentials:main: >>> Credentials: Created Credentials with 1 keys. Key types:

[KRB_DBG_KDC] Credentials:main: [1] des-cbc-md5

[JGSS_DBG_CRED] Got server creds from Subject

[KRB_DBG_KDC] Credentials:main:Client Name:user@XXX.COM

[JGSS_DBG_CRED] Got creds for user@XXX.COM

[JGSS_DBG_CRED] Kerberos ticket endtime is null, using default max ticket lifetime: 86400 secs

[JGSS_DBG_CRED] Requested acceptLifetime: 36000 secs

[JGSS_DBG_CRED] Starttime: (1177693195 secs) Fri Apr 27 09:59:55 PDT 2007

[JGSS_DBG_CRED] AcceptLifetime: 36000 secs

[JGSS_DBG_CTX] Check Service creds for ticket, need that.

[KRB_DBG_KDC] Credentials:main:Returning Ticket

[KRB_DBG_KDC] Credentials:main:Client Name:user@XXX.COM

[KRB_DBG_TGS] TgsCredentials:main: >>>Credentials acquireServiceCreds: same realm

[KRB_DBG_TGS] KrbTgsReq:main: >>>KrbTgsReq: req enc types: des-cbc-md5

[KRB_DBG_KDC] Checksum:main: >>>Checksum: checksum default_checksum=rsa-md5

[KRB_DBG_KDC] Checksum:main: >>>Checksum: checksum default_checksum=7

[KRB_DBG_KDC] Checksum:main: >>>Checksum: null checksum safe_checksum_type in config

[KRB_DBG_KDC] Checksum:main: >>>Checksum: checksum safe_checksum_type=8

[KRB_DBG_TGS] KrbTgsReq:main: >>>KrbTgsReq: using checksum type rsa-md5 for session key type des-cbc-md5

[KRB_DBG_KDC] KrbKdcReq:main: >>> KrbKdcReq send: kdc=XXX.COM UDP:88, timeout=30000, number of retries =3, #bytes=1241

[KRB_DBG_KDC] KrbKdcReq:main: >>> KrbKdcReq send: #bytes read=1340

[KRB_DBG_KDC] KrbKdcReq:main: >>> KrbKdcReq send: #bytes read=1340

[KRB_DBG_KDC] Credentials:main: >>>Credentials.acquireServiceCreds: returning creds:

[KRB_DBG_KDC] Credentials:main: >>>Credentials.acquireServiceCreds: returning creds:

[KRB_DBG_KDC] Credentials:main: >>>DEBUG: -Credentials-

[KRB_DBG_KDC] Credentials:main: client: user@XXX.COM

[KRB_DBG_KDC] Credentials:main: server: ldap/xxxx.XXX.com@XXX.COM

[KRB_DBG_KDC] Credentials:main: ticket: realm: XXX.COM

[KRB_DBG_KDC] Credentials:main: sname: ldap/xxxx.XXX.com@XXX.COM

[KRB_DBG_KDC] Credentials:main: startTime: 1177693195000

[KRB_DBG_KDC] Credentials:main: endTime: 1177729195000

[KRB_DBG_KDC] Credentials:main: -Credentials end-

[KRB_DBG_KDC] Credentials:main: Session Key is Only Service Key

[KRB_DBG_KDC] Credentials:main:Client Name:user@XXX.COM

[JGSS_DBG_CTX] Kerberos Service ticket stored in subject

[JGSS_DBG_CTX] Session key type = des-cbc-md5

[JGSS_DBG_MARSH] Encoded null channel binding

[KRB_DBG_KDC] Credentials:main:Client Name:user@XXX.COM

[KRB_DBG_KDC] Credentials:main:Client Name:user@XXX.COM

[KRB_DBG_KDC] Credentials:main: Session Key is Only Service Key

[KRB_DBG_KDC] Credentials:main:Returning Ticket

[JGSS_DBG_CTX] initSecContext: received token from mech, len=1270

[JGSS_DBG_MARSH] mech DER=

[JGSS_DBG_MARSH] 0000: 06 09 2a 86 48 86 f7 12 01 02 02....H......

[JGSS_DBG_MARSH] inner token=

[JGSS_DBG_MARSH] 0000: 01 00 6e 82 04 f0 30 82 04 ec a0 03 02 01 05 a1 ..n...0.........

0010: 03 02 01 0e a2 07 03 05 00 00 00 00 00 a3 82 04 ................

0020: 1c 61 82 04 18 30 82 04 14 a0 03 02 01 05 a1 0a .a...0..........

0030: 1b 08 57 41 49 43 2e 43 4f 4d a2 24 30 22 a0 03 ..XXX.COM..0...

0040: 02 01 03 a1 1b 30 19 1b 04 6c 64 61 70 1b 11 61 .....0...ldap..a

0050: 73 34 30 30 77 6e 74 2e 77 61 69 63 2e 63 6f 6d XXX.com

0060: a3 82 03 d9 30 82 03 d5 a0 03 02 01 03 a2 82 03 ....0...........

0070: cc 04 82 03 c8 af 59 4f 60 73 bb 72 aa 8f ee 41 ......YO.s.r...A

0080: 3f 7c b7 b2 74 53 fb 57 b6 d3 d9 de ab dd cb 1c ....tS.W........

0090: 24 5a 77 6a 07 43 2c c2 5a 47 cf a5 2a ea 8c 3a .Zwj.C..ZG......

00a0: 88 28 84 1e 42 63 1e 16 72 03 83 a6 bd 47 d1 f8 ....Bc..r....G..

00b0: f3 09 b2 7c e9 0b ae 66 2b 6f 12 e2 c1 4b c9 b7 .......f.o...K..

00c0: 16 b1 31 a5 a7 6b 00 3d e8 46 60 be 72 bb fd 1a ..1..k...F..r...

00d0: 1f 57 dc ac e6 30 d3 c0 fc b9 ba 3e b9 a4 1f e1 .W...0..........

00e0: 09 b9 07 17 37 ed 9c 8d 3f c6 96 13 3a 6a 7e a3 ....7........j..

00f0: 6d f8 3d ea c9 94 30 70 c7 96 22 7f 7f 8b d4 48 m.....0p.......H

0100: 6b 06 4b 27 bf f8 e3 76 11 39 2b a2 6b 1d 63 53 k.K....v.9..k.cS

0110: 61 92 3b 28 80 54 3f 2c be 93 3d d8 7e 44 2a ef a....T.......D..

0120: 62 6d ff 85 8a 93 67 37 b9 39 dc d5 f1 d5 98 f0 bm....g7.9......

0130: f1 d5 af 3e 7d 60 d4 c4 74 48 ad 25 6e d7 60 38 ........tH..n..8

0140: b3 14 e5 69 3a 33 76 80 dc cf 7e 3d 0d 94 ec 9b ...i.3v.........

0150: 9f d7 76 28 d3 8b e2 31 6d 9e d6 a0 0a 08 e5 ca ..v....1m.......

0160: 06 13 0b e0 91 f7 3a b0 f1 35 84 aa 98 0c b8 bf .........5......

0170: 7e 53 cc 6e 4e 25 55 7a d6 50 5a e9 92 23 71 d7 .S.nN.Uz.PZ...q.

0180: 81 52 8b 3f f6 c2 08 a1 cd f9 5f 87 83 09 23 44 .R.............D

0190: 5d fb 8e c5 0f 28 38 b2 b7 7f ed 7c 86 57 7a d8 ......8......Wz.

01a0: d4 7f 23 bf ef 55 32 c3 18 1f 1c 1f 4b bc 36 40 .....U2.....K.6.

01b0: dc 32 a6 9a cb b7 45 7d d1 11 d9 b9 4d d5 29 55 .2....E.....M..U

01c0: ab ac 6d 37 5a f1 69 e7 41 33 a1 08 59 e0 50 7b ..m7Z.i.A3..Y.P.

01d0: ff 35 7a 53 88 45 e1 c3 25 8a 46 36 f4 4e 3a de .5zS.E....F6.N..

01e0: c1 c8 c6 3b 20 83 42 61 e1 53 b0 f8 85 2b ec f7 ......Ba.S......

01f0: a7 d5 0a 6f 61 fa 93 05 23 ee c3 cf 67 f5 ed 2a ...oa.......g...

0200: 0e 43 eb 8f 61 e7 fa c3 ff 95 62 1d 3a 9f 28 c0 .C..a.....b.....

0210: 28 98 4f 8b a8 19 a0 24 1c 77 cb 2d 75 09 6f 12 ..O......w..u.o.

0220: 47 09 c5 5a 79 f0 95 9f aa a8 3d 78 7c 31 31 83 G..Zy......x.11.

0230: 22 c5 4c 6e 00 b7 c6 f5 49 13 ff e3 45 7e 2c b1 ..Ln....I...E...

0240: 38 db 01 f6 6f 7b 83 65 5d a4 7d e2 7e 70 57 6c 8...o..e.....pWl

0250: 7f ef 94 48 74 9c 34 67 47 e4 bf 14 3b 88 06 43 ...Ht.4gG......C

0260: 04 d7 df 46 11 df 01 79 96 24 30 a9 a4 07 f6 c0 ...F...y..0.....

0270: a3 15 56 19 3f c8 30 e7 15 28 76 eb ef 31 cf a3 ..V...0...v..1..

0280: a9 79 a2 6e 11 c4 32 a4 b6 9e d1 f4 6d c0 42 e0 .y.n..2.....m.B.

0290: cc f2 2c d0 93 1c 79 7b df 47 e2 c5 4d b7 d6 02 ......y..G..M...

02a0: 82 7c c6 fb 5f e7 72 28 5a d3 a7 91 fb 2c f4 13 ......r.Z.......

02b0: f9 da 65 83 77 8c d1 aa 39 d0 c7 e4 43 12 6e 0f ..e.w...9...C.n.

02c0: 4b 72 f4 70 ef 7a 3a 0b 89 59 94 70 8a 57 ad 9d Kr.p.z...Y.p.W..

02d0: d8 96 24 75 b2 64 c4 e8 0f 0b a4 c9 26 ce 35 4f ...u.d........5O

02e0: 7b a4 d8 5a f3 6d 89 6a ba a3 1b cd eb 0d 09 98 ...Z.m.j........

02f0: f3 2c f9 20 13 c2 76 0f 38 c0 10 4c 85 f4 77 f9 ......v.8..L..w.

0300: 9c f6 3f f4 51 97 29 0f ea a1 a9 ba e4 71 de f4 ....Q........q..

0310: 84 fc b6 7a cc 27 d7 53 fd a3 65 7f 88 ed 21 3b ...z...S..e.....

0320: 65 a7 fb 26 bc fc 69 2d 91 c7 5a 67 c6 67 71 05 e.....i...Zg.gq.

0330: 01 ca be 04 a0 6e 3f 72 d5 4d 0e 14 52 2c cf 10 .....n.r.M..R...

0340: 36 75 2e d1 69 e3 d7 cf 3d 77 b7 7f 7b c0 37 df 6u..i....w....7.

0350: e3 49 9e 69 88 9f 50 53 2d 34 d6 4f b4 92 c6 12 .I.i..PS.4.O....

0360: e1 51 8d 85 82 7d e9 22 ba 5c 32 f7 a7 d8 95 de .Q........2.....

0370: 48 af 57 c6 63 cb a5 7e 96 3e 16 f5 19 2a 2d 43 H.W.c..........C

0380: 4f 27 39 f6 c4 16 4f cb 2b 3e a4 5c 9c 24 fd 74 O.9...O........t

0390: b2 e5 a4 d1 9d d3 18 3d 2a 44 f4 6e 33 df 06 b9 .........D.n3...

03a0: 0e ca 5e 1a 12 4b 49 3d 3f a2 e9 13 f1 a6 df 3b .....KI.........

03b0: 4b 76 49 2f 42 a6 49 04 e5 62 58 97 62 da 46 b6 KvI.B.I..bX.b.F.

03c0: db a1 f3 9c e9 61 e4 1f ae 7e c3 a4 69 6d e0 67 .....a......im.g

03d0: c1 42 ce c6 a2 55 84 55 e3 c9 5f 56 94 4b 69 07 .B...U.U...V.Ki.

03e0: 1a 5c 89 21 dd 35 e6 34 f3 8c 07 2b e0 7d fd 21 .....5.4........

03f0: 8c 4e 40 3e 33 e5 1f f3 04 17 da 15 20 72 af 6c .N..3........r.l

0400: f4 40 c2 db 6f 7f 69 2f 7f 0c cf d8 a8 a3 07 4a ....o.i........J

0410: 35 08 b2 df d2 df 84 54 1b 81 19 ea 25 d1 fb 5f 5......T........

0420: 4d f9 7f a1 33 8a 83 45 12 b5 46 18 6b 00 ce e1 M...3..E..F.k...

0430: e0 66 89 d3 97 89 61 a2 3b a6 e2 d9 90 a4 81 b6 .f....a.........

0440: 30 81 b3 a0 03 02 01 03 a2 81 ab 04 81 a8 64 d8 0.............d.

0450: 0c 1c 7d 43 93 b3 b7 b9 b2 ed 6c 9b a5 3d 28 b9 ...C......l.....

0460: f0 25 97 5c f8 78 5f 95 f7 01 f6 e1 9a 1a 38 17 .....x........8.

0470: e2 b3 f9 e8 ce d3 75 af 93 b5 7f d6 94 07 0d 5f ......u.........

0480: f0 7e bc 29 4e fd 04 df b7 d7 0d 73 4c db 8c 1c ....N......sL...

0490: dc ac 0c 73 64 31 d9 f9 9b c4 e8 06 75 f5 14 16 ...sd1......u...

04a0: 06 2f 51 31 69 cf a4 d4 46 52 6f 80 b9 72 7b ce ..Q1i...FRo..r..

04b0: 64 c7 e3 9d 96 6a 8a 98 ef 9d 41 14 17 92 30 92 d....j....A...0.

04c0: 64 20 15 d2 fc 6a ad cd 59 14 1e c0 49 fe 37 aa d....j..Y...I.7.

04d0: c6 56 60 65 a3 10 93 d0 9d ab 30 e6 6d cd c9 23 .V.e......0.m...

04e0: c3 49 9c a0 dd 98 8b 2c 04 0e c8 d4 74 f6 07 29 .I..........t...

04f0: 79 30 bd 53 2c 52 y0.S.R

[JGSS_DBG_MARSH] asn1Encoded token=

[JGSS_DBG_MARSH] 0000: 60 82 05 01 06 09 2a 86 48 86 f7 12 01 02 02 01 ........H.......

0010: 00 6e 82 04 f0 30 82 04 ec a0 03 02 01 05 a1 03 .n...0..........

0020: 02 01 0e a2 07 03 05 00 00 00 00 00 a3 82 04 1c ................

0030: 61 82 04 18 30 82 04 14 a0 03 02 01 05 a1 0a 1b a...0...........

0040: 08 57 41 49 43 2e 43 4f 4d a2 24 30 22 a0 03 02 .XXX.COM..0....

0050: 01 03 a1 1b 30 19 1b 04 6c 64 61 70 1b 11 61 73 ....0...ldap..as

0060: 34 30 30 77 6e 74 2e 77 61 69 63 2e 63 6f 6d a3 XXX.com.

0070: 82 03 d9 30 82 03 d5 a0 03 02 01 03 a2 82 03 cc ...0............

0080: 04 82 03 c8 af 59 4f 60 73 bb 72 aa 8f ee 41 3f .....YO.s.r...A.

0090: 7c b7 b2 74 53 fb 57 b6 d3 d9 de ab dd cb 1c 24 ...tS.W.........

00a0: 5a 77 6a 07 43 2c c2 5a 47 cf a5 2a ea 8c 3a 88 Zwj.C..ZG.......

00b0: 28 84 1e 42 63 1e 16 72 03 83 a6 bd 47 d1 f8 f3 ...Bc..r....G...

00c0: 09 b2 7c e9 0b ae 66 2b 6f 12 e2 c1 4b c9 b7 16 ......f.o...K...

00d0: b1 31 a5 a7 6b 00 3d e8 46 60 be 72 bb fd 1a 1f .1..k...F..r....

00e0: 57 dc ac e6 30 d3 c0 fc b9 ba 3e b9 a4 1f e1 09 W...0...........

00f0: b9 07 17 37 ed 9c 8d 3f c6 96 13 3a 6a 7e a3 6d ...7........j..m

0100: f8 3d ea c9 94 30 70 c7 96 22 7f 7f 8b d4 48 6b .....0p.......Hk

0110: 06 4b 27 bf f8 e3 76 11 39 2b a2 6b 1d 63 53 61 .K....v.9..k.cSa

0120: 92 3b 28 80 54 3f 2c be 93 3d d8 7e 44 2a ef 62 ....T.......D..b

0130: 6d ff 85 8a 93 67 37 b9 39 dc d5 f1 d5 98 f0 f1 m....g7.9.......

0140: d5 af 3e 7d 60 d4 c4 74 48 ad 25 6e d7 60 38 b3 .......tH..n..8.

0150: 14 e5 69 3a 33 76 80 dc cf 7e 3d 0d 94 ec 9b 9f ..i.3v..........

0160: d7 76 28 d3 8b e2 31 6d 9e d6 a0 0a 08 e5 ca 06 .v....1m........

0170: 13 0b e0 91 f7 3a b0 f1 35 84 aa 98 0c b8 bf 7e ........5.......

0180: 53 cc 6e 4e 25 55 7a d6 50 5a e9 92 23 71 d7 81 S.nN.Uz.PZ...q..

0190: 52 8b 3f f6 c2 08 a1 cd f9 5f 87 83 09 23 44 5d R.............D.

01a0: fb 8e c5 0f 28 38 b2 b7 7f ed 7c 86 57 7a d8 d4 .....8......Wz..

01b0: 7f 23 bf ef 55 32 c3 18 1f 1c 1f 4b bc 36 40 dc ....U2.....K.6..

01c0: 32 a6 9a cb b7 45 7d d1 11 d9 b9 4d d5 29 55 ab 2....E.....M..U.

01d0: ac 6d 37 5a f1 69 e7 41 33 a1 08 59 e0 50 7b ff .m7Z.i.A3..Y.P..

01e0: 35 7a 53 88 45 e1 c3 25 8a 46 36 f4 4e 3a de c1 5zS.E....F6.N...

01f0: c8 c6 3b 20 83 42 61 e1 53 b0 f8 85 2b ec f7 a7 .....Ba.S.......

0200: d5 0a 6f 61 fa 93 05 23 ee c3 cf 67 f5 ed 2a 0e ..oa.......g....

0210: 43 eb 8f 61 e7 fa c3 ff 95 62 1d 3a 9f 28 c0 28 C..a.....b......

0220: 98 4f 8b a8 19 a0 24 1c 77 cb 2d 75 09 6f 12 47 .O......w..u.o.G

0230: 09 c5 5a 79 f0 95 9f aa a8 3d 78 7c 31 31 83 22 ..Zy......x.11..

0240: c5 4c 6e 00 b7 c6 f5 49 13 ff e3 45 7e 2c b1 38 .Ln....I...E...8

0250: db 01 f6 6f 7b 83 65 5d a4 7d e2 7e 70 57 6c 7f ...o..e.....pWl.

0260: ef 94 48 74 9c 34 67 47 e4 bf 14 3b 88 06 43 04 ..Ht.4gG......C.

0270: d7 df 46 11 df 01 79 96 24 30 a9 a4 07 f6 c0 a3 ..F...y..0......

0280: 15 56 19 3f c8 30 e7 15 28 76 eb ef 31 cf a3 a9 .V...0...v..1...

0290: 79 a2 6e 11 c4 32 a4 b6 9e d1 f4 6d c0 42 e0 cc y.n..2.....m.B..

02a0: f2 2c d0 93 1c 79 7b df 47 e2 c5 4d b7 d6 02 82 .....y..G..M....

02b0: 7c c6 fb 5f e7 72 28 5a d3 a7 91 fb 2c f4 13 f9 .....r.Z........

02c0: da 65 83 77 8c d1 aa 39 d0 c7 e4 43 12 6e 0f 4b .e.w...9...C.n.K

02d0: 72 f4 70 ef 7a 3a 0b 89 59 94 70 8a 57 ad 9d d8 r.p.z...Y.p.W...

02e0: 96 24 75 b2 64 c4 e8 0f 0b a4 c9 26 ce 35 4f 7b ..u.d........5O.

02f0: a4 d8 5a f3 6d 89 6a ba a3 1b cd eb 0d 09 98 f3 ..Z.m.j.........

0300: 2c f9 20 13 c2 76 0f 38 c0 10 4c 85 f4 77 f9 9c .....v.8..L..w..

0310: f6 3f f4 51 97 29 0f ea a1 a9 ba e4 71 de f4 84 ...Q........q...

0320: fc b6 7a cc 27 d7 53 fd a3 65 7f 88 ed 21 3b 65 ..z...S..e.....e

0330: a7 fb 26 bc fc 69 2d 91 c7 5a 67 c6 67 71 05 01 .....i...Zg.gq..

0340: ca be 04 a0 6e 3f 72 d5 4d 0e 14 52 2c cf 10 36 ....n.r.M..R...6

0350: 75 2e d1 69 e3 d7 cf 3d 77 b7 7f 7b c0 37 df e3 u..i....w....7..

0360: 49 9e 69 88 9f 50 53 2d 34 d6 4f b4 92 c6 12 e1 I.i..PS.4.O.....

0370: 51 8d 85 82 7d e9 22 ba 5c 32 f7 a7 d8 95 de 48 Q........2.....H

0380: af 57 c6 63 cb a5 7e 96 3e 16 f5 19 2a 2d 43 4f .W.c..........CO

0390: 27 39 f6 c4 16 4f cb 2b 3e a4 5c 9c 24 fd 74 b2 .9...O........t.

03a0: e5 a4 d1 9d d3 18 3d 2a 44 f4 6e 33 df 06 b9 0e ........D.n3....

03b0: ca 5e 1a 12 4b 49 3d 3f a2 e9 13 f1 a6 df 3b 4b ....KI.........K

03c0: 76 49 2f 42 a6 49 04 e5 62 58 97 62 da 46 b6 db vI.B.I..bX.b.F..

03d0: a1 f3 9c e9 61 e4 1f ae 7e c3 a4 69 6d e0 67 c1 ....a......im.g.

03e0: 42 ce c6 a2 55 84 55 e3 c9 5f 56 94 4b 69 07 1a B...U.U...V.Ki..

03f0: 5c 89 21 dd 35 e6 34 f3 8c 07 2b e0 7d fd 21 8c ....5.4.........

0400: 4e 40 3e 33 e5 1f f3 04 17 da 15 20 72 af 6c f4 N..3........r.l.

0410: 40 c2 db 6f 7f 69 2f 7f 0c cf d8 a8 a3 07 4a 35 ...o.i........J5

0420: 08 b2 df d2 df 84 54 1b 81 19 ea 25 d1 fb 5f 4d ......T........M

0430: f9 7f a1 33 8a 83 45 12 b5 46 18 6b 00 ce e1 e0 ...3..E..F.k....

0440: 66 89 d3 97 89 61 a2 3b a6 e2 d9 90 a4 81 b6 30 f....a.........0

0450: 81 b3 a0 03 02 01 03 a2 81 ab 04 81 a8 64 d8 0c .............d..

0460: 1c 7d 43 93 b3 b7 b9 b2 ed 6c 9b a5 3d 28 b9 f0 ..C......l......

0470: 25 97 5c f8 78 5f 95 f7 01 f6 e1 9a 1a 38 17 e2 ....x........8..

0480: b3 f9 e8 ce d3 75 af 93 b5 7f d6 94 07 0d 5f f0 .....u..........

0490: 7e bc 29 4e fd 04 df b7 d7 0d 73 4c db 8c 1c dc ...N......sL....

04a0: ac 0c 73 64 31 d9 f9 9b c4 e8 06 75 f5 14 16 06 ..sd1......u....

04b0: 2f 51 31 69 cf a4 d4 46 52 6f 80 b9 72 7b ce 64 .Q1i...FRo..r..d

04c0: c7 e3 9d 96 6a 8a 98 ef 9d 41 14 17 92 30 92 64 ....j....A...0.d

04d0: 20 15 d2 fc 6a ad cd 59 14 1e c0 49 fe 37 aa c6 ....j..Y...I.7..

04e0: 56 60 65 a3 10 93 d0 9d ab 30 e6 6d cd c9 23 c3 V.e......0.m....

04f0: 49 9c a0 dd 98 8b 2c 04 0e c8 d4 74 f6 07 29 79 I..........t...y

0500: 30 bd 53 2c 52 0.S.R

[JGSS_DBG_CTX] initSecContext: returning buffer, len=1285

[JGSS_DBG_WRAP] GSSContextImpl.unwrap buffer (len=53, offset=0):

[JGSS_DBG_WRAP] 0000: 60 33 06 09 2a 86 48 86 f7 12 01 02 02 02 01 00 .3....H.........

0010: 00 ff ff ff ff 0a 03 83 15 d4 9a 0a 75 8c 19 05 ............u...

0020: 88 76 ca ce d9 58 92 ce a9 88 27 de 5c 07 00 40 .v...X..........

0030: 00 04 04 04 04 .....

[JGSS_DBG_WRAP] Krb5Context.unwrap: buffer (len=53, offset=0):

[JGSS_DBG_WRAP] 0000: 60 33 06 09 2a 86 48 86 f7 12 01 02 02 02 01 00 .3....H.........

0010: 00 ff ff ff ff 0a 03 83 15 d4 9a 0a 75 8c 19 05 ............u...

0020: 88 76 ca ce d9 58 92 ce a9 88 27 de 5c 07 00 40 .v...X..........

0030: 00 04 04 04 04 .....

[JGSS_DBG_QOP] Created qop with integrity=DES MAC MD5 and confidentiality=DES

[JGSS_DBG_MARSH] Using qop QOP: integrity=DES MAC MD5, confidentiality=DES; enctype=3

[JGSS_DBG_UNMARSH] Real token len 51

[JGSS_DBG_UNMARSH] Token oid 1.2.840.113554.1.2.2

[JGSS_DBG_UNMARSH] inner token len 40

[JGSS_DBG_MARSH] inner token=

[JGSS_DBG_MARSH] 0000: 02 01 00 00 ff ff ff ff 0a 03 83 15 d4 9a 0a 75 ...............u

0010: 8c 19 05 88 76 ca ce d9 58 92 ce a9 88 27 de 5c ....v...X.......

0020: 07 00 40 00 04 04 04 04........

[JGSS_DBG_UNMARSH] Token id

[JGSS_DBG_UNMARSH] 0000: 02 01 ..

[JGSS_DBG_QOP] QOP integrity 2 results from decoding

[JGSS_DBG_QOP] 0000: 00 00 ..

[JGSS_DBG_UNMARSH] DesWrapToken: integrity=2

[JGSS_DBG_QOP] QOP confidentiality 9 results from decoding

[JGSS_DBG_QOP] 0000: ff ff ..

[JGSS_DBG_UNMARSH] DesWrapToken: confidentiality=9

[JGSS_DBG_UNMARSH] Sequence number

[JGSS_DBG_UNMARSH] 0000: 0a 03 83 15 d4 9a 0a 75.......u

[JGSS_DBG_UNMARSH] Checksum

[JGSS_DBG_UNMARSH] 0000: 8c 19 05 88 76 ca ce d9....v...

[JGSS_DBG_UNMARSH] Remainder: (encrypted) data

[JGSS_DBG_UNMARSH] 0000: 58 92 ce a9 88 27 de 5c 07 00 40 00 04 04 04 04 X...............

[JGSS_DBG_UNMARSH] Decoded header

[JGSS_DBG_UNMARSH] Verifying checksum

[JGSS_DBG_MARSH] Integrity (checksum) algorithm DES MAC MD5

[JGSS_DBG_MARSH] DES MAC (Checksum)

[JGSS_DBG_MARSH] 0000: 8c 19 05 88 76 ca ce d9....v...

[JGSS_DBG_MARSH] Computed checksum:

[JGSS_DBG_MARSH] 0000: 8c 19 05 88 76 ca ce d9....v...

[JGSS_DBG_UNMARSH] decoding sequence number

[JGSS_DBG_UNMARSH] Decrypted sequence number

[JGSS_DBG_UNMARSH] 0000: 54 11 00 00 ff ff ff ffT.......

[JGSS_DBG_UNMARSH] Decoded sequence number 4436

[JGSS_DBG_QOP] Created qop with integrity=DES MAC MD5 and confidentiality=NONE

[JGSS_DBG_MARSH] Requested qop=QOP: integrity=DES MAC MD5, confidentiality=NONE

[JGSS_DBG_QOP] Created qop with integrity=DES MAC MD5 and confidentiality=DES

[JGSS_DBG_MARSH] Using qop QOP: integrity=DES MAC MD5, confidentiality=DES; enctype=3

[JGSS_DBG_QOP] QOP integrity 2 encoded as

[JGSS_DBG_QOP] 0000: 00 00 ..

[JGSS_DBG_MARSH] Integrity (checksum) algorithm DES MAC MD5

[JGSS_DBG_MARSH] DES MAC (Checksum)

[JGSS_DBG_MARSH] 0000: 86 f3 6d ff 24 74 03 b5..m..t..

[JGSS_DBG_MARSH] Computed checksum:

[JGSS_DBG_MARSH] 0000: 86 f3 6d ff 24 74 03 b5..m..t..

[JGSS_DBG_UNMARSH] Encoded checksum:

[JGSS_DBG_UNMARSH] 0000: 86 f3 6d ff 24 74 03 b5..m..t..

[JGSS_DBG_MARSH] Encoded sequence number 4437

[JGSS_DBG_MARSH] 0000: 55 11 00 00 00 00 00 00U.......

[JGSS_DBG_MARSH] Encrypted sequence number:

[JGSS_DBG_MARSH] 0000: 25 10 74 45 71 26 18 58..tEq..X

[JGSS_DBG_UNMARSH] Encoded sequence number:

[JGSS_DBG_UNMARSH] 0000: 25 10 74 45 71 26 18 58..tEq..X

[JGSS_DBG_MARSH] mech DER=

[JGSS_DBG_MARSH] 0000: 06 09 2a 86 48 86 f7 12 01 02 02....H......

[JGSS_DBG_MARSH] inner token=

[JGSS_DBG_MARSH] 0000: 02 01 00 00 ff ff ff ff 25 10 74 45 71 26 18 58 ..........tEq..X

0010: 86 f3 6d ff 24 74 03 b5 03 d5 69 7b ac ef 93 40 ..m..t....i.....

0020: 01 01 00 00 04 04 04 04........

[JGSS_DBG_MARSH] asn1Encoded token=

[JGSS_DBG_MARSH] 0000: 60 33 06 09 2a 86 48 86 f7 12 01 02 02 02 01 00 .3....H.........

0010: 00 ff ff ff ff 25 10 74 45 71 26 18 58 86 f3 6d .......tEq..X..m

0020: ff 24 74 03 b5 03 d5 69 7b ac ef 93 40 01 01 00 ..t....i........

0030: 00 04 04 04 04 .....

Exception: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903E2, comment: AcceptSecurityContext error, data 0, v893]

javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903E2, comment: AcceptSecurityContext error, data 0, v893]

at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3005)

at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2951)

at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2752)

at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2666)

at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:307)

at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:190)

at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:208)

at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:151)

at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:81)

at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:675)

at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:257)

at javax.naming.InitialContext.init(InitialContext.java:233)

at javax.naming.InitialContext.<init>(InitialContext.java:209)

at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:94)

at javaapplication.Mutual$1.run(Mutual.java:99)

at java.security.AccessController.doPrivileged1(Native Method)

at java.security.AccessController.doPrivileged(AccessController.java:321)

at javax.security.auth.Subject.doAs(Subject.java:477)

at com.ibm.websphere.security.auth.WSSubject.doAs(WSSubject.java:118)

at javaapplication.Mutual.main(Mutual.java:87)

[JGSS_DBG_CRED] user@xxx.COM removed from Subject

[JGSS_DBG_CRED] Kerberos ticket for user@xxx.COM removed from Subject

[JGSS_DBG_CRED] Removing kerberos keys for principal user@xxx.COM

[JGSS_DBG_CRED] Removed key of type des-cbc-md5

Help is much appreciated

Message was edited by:

bdsai

Message was edited by:

bdsai

bdsaia at 2007-7-12 0:14:05 >