Uploaded image for project: 'Directory Studio'
  1. Directory Studio
  2. DIRSTUDIO-1103

Unable to obtain Principal Name for authentication on Windows

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Minor
    • Resolution: Unresolved
    • 2.0.0-M10 (2.0.0.v20151221-M10)
    • None
    • studio-connection
    • None
    • Windows

    Description

      On a Windows desktop joined to an Active Directory domain it is not possible to use Single Sign-On using GSSAPI/Kerberos. This is the reported exception when checking authentication in the New LDAP Connection wizzard:

      The authentication failed
 - javax.security.auth.login.LoginException: Unable to obtain Principal Name for authentication 
  org.apache.directory.api.ldap.model.exception.LdapException: javax.security.auth.login.LoginException: Unable to obtain Principal Name for authentication 
	at org.apache.directory.ldap.client.api.LdapNetworkConnection.bindAsync(LdapNetworkConnection.java:1657)
	at org.apache.directory.ldap.client.api.LdapNetworkConnection.bind(LdapNetworkConnection.java:1543)
	at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$2.run(DirectoryApiConnectionWrapper.java:444)
	at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.runAndMonitor(DirectoryApiConnectionWrapper.java:1171)
	at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.doBind(DirectoryApiConnectionWrapper.java:457)
	at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.bind(DirectoryApiConnectionWrapper.java:303)
	at org.apache.directory.studio.connection.core.jobs.CheckBindRunnable.run(CheckBindRunnable.java:79)
	at org.apache.directory.studio.connection.ui.RunnableContextRunner$1.run(RunnableContextRunner.java:127)
	at org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:122)
Caused by: javax.security.auth.login.LoginException: Unable to obtain Principal Name for authentication 
	at com.sun.security.auth.module.Krb5LoginModule.promptForName(Unknown Source)
	at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Unknown Source)
	at com.sun.security.auth.module.Krb5LoginModule.login(Unknown Source)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at javax.security.auth.login.LoginContext.invoke(Unknown Source)
	at javax.security.auth.login.LoginContext.access$000(Unknown Source)
	at javax.security.auth.login.LoginContext$4.run(Unknown Source)
	at javax.security.auth.login.LoginContext$4.run(Unknown Source)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.login.LoginContext.invokePriv(Unknown Source)
	at javax.security.auth.login.LoginContext.login(Unknown Source)
	at org.apache.directory.ldap.client.api.LdapNetworkConnection.bindAsync(LdapNetworkConnection.java:1644)
	... 8 more

  javax.security.auth.login.LoginException: Unable to obtain Principal Name for authentication

      With other applications (Windows, Web browsers) SSO works flawlessly (on Kerberos enabled servers, of course).

      Thanks for your help.

      Attachments

        Activity

          People

            Unassigned Unassigned
            stephan2012 Stephan Austermühle
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated: