Error message :
Caused By: GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos Key)
Cause:
This may occur if no valid Kerberos credentials are obtained. In particular, this occurs if you want the underlying mechanism to obtain credentials but you forgot to indicate this by setting the javax.security.auth.useSubjectCredsOnly system property value to false (for example via -Djavax.security.auth.useSubjectCredsOnly=false in your execution command).
Solution:
Be sure to set the javax.security.auth.useSubjectCredsOnly system property value to false if you want the underlying mechanism to obtain credentials, rather than your application or a wrapper program (such as the Login utility used by some of the tutorials) performing authentication using JAAS.
Stop the admin server
Modify the startWebLogic.sh file located in DOMAIN_HOME/bin
add the flag -Djavax.security.auth.useSubjectCredsOnly=false in java_options
save and start your admin server
below is a typical example assuming your weblogic is on linux box
Modify the startWebLogic.sh file located in DOMAIN_HOME/bin
Locate the following line:
# Start WebLogic
Below this line, add the following, replacing the correct path to krb5Login.conf:
JAVA_OPTIONS=”${JAVA_OPTIONS} -Djava.security.auth.login.config=/opt/Oracle/Middleware/user_projects/domains/base_domain/krb5Login.conf –Djavax.security.auth.useSubjectCredsOnly=false –Dweblogic.security.enableNegotiate=true”
export JAVA_OPTIONS
Save the file. Start the Administration Server
For Windows
Modify the startWebLogic.cmd file located in DOMAIN_HOME\bin (default is c:\Oracle\Middleware\user_projects\domains\base_domain\bin\startWebLogic.cmd)
Locate the following line:
@REM START WEBLOGIC
Below this line, add the following:
set JAVA_OPTIONS=%JAVA_OPTIONS% -Djava.security.auth.login.config=%DOMAIN_HOME%\krb5Login.conf –Djavax.security.auth.useSubjectCredsOnly=false –Dweblogic.security.enableNegotiate=true
Ref : http://docs.oracle.com/javase/1.5.0/docs/guide/security/jgss/tutorials/Troubleshooting.html
Caused By: GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos Key)
Cause:
This may occur if no valid Kerberos credentials are obtained. In particular, this occurs if you want the underlying mechanism to obtain credentials but you forgot to indicate this by setting the javax.security.auth.useSubjectCredsOnly system property value to false (for example via -Djavax.security.auth.useSubjectCredsOnly=false in your execution command).
Solution:
Be sure to set the javax.security.auth.useSubjectCredsOnly system property value to false if you want the underlying mechanism to obtain credentials, rather than your application or a wrapper program (such as the Login utility used by some of the tutorials) performing authentication using JAAS.
Stop the admin server
Modify the startWebLogic.sh file located in DOMAIN_HOME/bin
add the flag -Djavax.security.auth.useSubjectCredsOnly=false in java_options
save and start your admin server
below is a typical example assuming your weblogic is on linux box
Modify the startWebLogic.sh file located in DOMAIN_HOME/bin
Locate the following line:
# Start WebLogic
Below this line, add the following, replacing the correct path to krb5Login.conf:
JAVA_OPTIONS=”${JAVA_OPTIONS} -Djava.security.auth.login.config=/opt/Oracle/Middleware/user_projects/domains/base_domain/krb5Login.conf –Djavax.security.auth.useSubjectCredsOnly=false –Dweblogic.security.enableNegotiate=true”
export JAVA_OPTIONS
Save the file. Start the Administration Server
For Windows
Modify the startWebLogic.cmd file located in DOMAIN_HOME\bin (default is c:\Oracle\Middleware\user_projects\domains\base_domain\bin\startWebLogic.cmd)
Locate the following line:
@REM START WEBLOGIC
Below this line, add the following:
set JAVA_OPTIONS=%JAVA_OPTIONS% -Djava.security.auth.login.config=%DOMAIN_HOME%\krb5Login.conf –Djavax.security.auth.useSubjectCredsOnly=false –Dweblogic.security.enableNegotiate=true
Ref : http://docs.oracle.com/javase/1.5.0/docs/guide/security/jgss/tutorials/Troubleshooting.html
No comments:
Post a Comment