chris wrote:
...
When testing see Log dump --->
Nov 14, 2013 10:04:50 PM org.apache.catalina.authenticator.SpnegoAuthenticator
authenticate
SEVERE: Unable to login as the service principal
javax.security.auth.login.LoginException: Unable to obtain password from user
at
com.sun.security.auth.module.Krb5LoginModule.promptForPass(Unknown Source)
at
..
I am not a Kerberos specialist, but why would the above 2 lines be there ?
The whole point of SSO normally, is to not have to promt the user for a login/password,
and get the authentication directly from the logged-in workstation.
In a Windows-domain-style SSO, the fact of prompting the user usually already indicates
that something (some prior step) is not working as it should.
I would suggest to use a protocol analyser (maybe just a browser plugin) to check what
really goes on there.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
