ws-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boris Dushanov (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (WSS-499) Re-enable KerberosTests
Date Wed, 14 May 2014 20:35:16 GMT

    [ https://issues.apache.org/jira/browse/WSS-499?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13997993#comment-13997993
] 

Boris Dushanov commented on WSS-499:
------------------------------------

Hi,

I'm trying to run the trunk version of KerberosTests locally but during the execution of testKerberosCreationAndProcessing
I'm receiving the following exception :

org.apache.wss4j.common.ext.WSSecurityException: An error occurred in trying to obtain a TGT:
Integrity check on decrypted field failed (31) - Integrity check on decrypted field failed
Original Exception was javax.security.auth.login.LoginException: Integrity check on decrypted
field failed (31) - Integrity check on decrypted field failed
	at org.apache.wss4j.dom.message.token.KerberosSecurity.retrieveServiceTicket(KerberosSecurity.java:161)
	at org.apache.wss4j.integration.test.kerberos.KerberosTest.testKerberosCreationAndProcessing(KerberosTest.java:149)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:47)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:44)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:271)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:50)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:238)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:63)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:236)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:53)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:229)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:27)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:309)
	at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:50)
	at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
	at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
	at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
	at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
	at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
Caused by: javax.security.auth.login.LoginException: Integrity check on decrypted field failed
(31) - Integrity check on decrypted field failed
	at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:696)
	at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:542)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)
	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
	at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
	at org.apache.wss4j.dom.message.token.KerberosSecurity.retrieveServiceTicket(KerberosSecurity.java:156)
	... 26 more
Caused by: KrbException: Integrity check on decrypted field failed (31) - Integrity check
on decrypted field failed
	at sun.security.krb5.KrbAsRep.<init>(KrbAsRep.java:72)
	at sun.security.krb5.KrbAsReq.getReply(KrbAsReq.java:446)
	at sun.security.krb5.Credentials.sendASRequest(Credentials.java:401)
	at sun.security.krb5.Credentials.acquireTGT(Credentials.java:373)
	at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:662)
	... 38 more
Caused by: KrbException: Identifier doesn't match expected value (906)
	at sun.security.krb5.internal.KDCRep.init(KDCRep.java:133)
	at sun.security.krb5.internal.ASRep.init(ASRep.java:58)
	at sun.security.krb5.internal.ASRep.<init>(ASRep.java:53)
	at sun.security.krb5.KrbAsRep.<init>(KrbAsRep.java:50)
	... 42 more

I'm trying with both Java 6u45 and 7u45 but the result is the same. I also tried with BouncyCastle
1.50 but again there's no difference.Do you have any idea what might be wrong? Thanks.

Regards,
Boris


> Re-enable KerberosTests
> -----------------------
>
>                 Key: WSS-499
>                 URL: https://issues.apache.org/jira/browse/WSS-499
>             Project: WSS4J
>          Issue Type: Improvement
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 2.0.1
>
>
> This task is to re-enable the KerberosTests, which are currently all @Ignored. This is
due to the fact that we had to downgrade from BouncyCastle 1.50 -> 1.49, as 1.50 (which
fixes a Kerberos issue) does not work in an OSGi container. Once 1.51 is released, we can
re-enable the tests.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


Mime
View raw message