I am trying to get SSO working using SPNEGO for Tomcat 7 with IBM JDK.
We are using "org.apache.catalina.authenticator.SpnegoAuthenticator" for authentication which calls com.sun.security.jgss.krb5.accept. The configuration for it is
com.sun.security.jgss.krb5.accept {
com.ibm.security.auth.module.Krb5LoginModule required
principal="[email protected]"
useKeyTab=C:/Downloads/tomcat/conf/xxx.keytab
credsType=acceptor
debug=true;
};
I tried with Java 6 (SR9), 7 (SR1,SR5), but I always get stuck on below error.
java.security.PrivilegedActionException: org.ietf.jgss.GSSException, major code: 11, minor code: 0
major string: General failure, unspecified at GSSAPI level
minor string: Desired initLifetime zero or less
Can anybody point to anything that I have missed?
-Thanks