Skip to main content

SECJ0118E with form authentication and spnego enabled


Our deployment keeps getting an odd SECJ0118E  exception when authenticating with Form authentication with Mozilla or Chrome browser not configured for Active Directory Domain.

All instructions into WebSphere infocenter for enabling fallback to default authentication were correctly applied.  We noticed that standard WebSphere security tracing (*=info:com.ibm.ws.security.*=all:com.ibm.websphere.security.*=all:com.ibm.websphere.wim.*=all:com.ibm.wsspi.wim.*=all:com.ibm.ws.wim.*=all) 
provided into trace a lot of Kerberos exceptions. 

[30/12/13 17.36.57:246 CET] 0000005e Krb5LoginModu < login() Exit
javax.security.auth.login.FailedLoginException: Errore di login: com.ibm.security.krb5.KrbException, codice di stato: 68
messaggio: Nessuno
at com.ibm.security.jgss.i18n.I18NException.throwFailedLoginException(I18NException.java:30)
at com.ibm.security.auth.module.Krb5LoginModule.a(Krb5LoginModule.java:719)
at com.ibm.security.auth.module.Krb5LoginModule.b(Krb5LoginModule.java:742)


Double checking WebSphere security settings we noticed that Authentication mechanism was mistakenly set to Kerberos and LTPA instead of simple LTPA, as suggested for SPNEGO. 

Reverting back to simple LTPA fixed everything. 

Comments

Post a Comment

Popular posts from this blog

Multiple controllers with Spring Boot

Remember, when you want to have multiple controllers with Spring Boot, you should always name them differently in the annotation, otherwise they will not work So these two together will NOT work (or just one of them will work) These two instead WILL work.
2 comments
Read more

Can't use the newest npm when node is installed with brew (MacOs)

Even though I installed and reinstalled node with brew, with last versione 11.8.0, apparently it kept using the last version fdecollibus$ npm install --global gatsby-cli npm WARN npm npm does not support Node.js v11.8.0 npm WARN npm You should probably upgrade to a newer version of node as we npm WARN npm can't make any promises that npm will work with this version. npm WARN npm Supported releases of Node.js are the latest release of 4, 6, 7, 8, 9. npm WARN npm You can find the latest version at https://nodejs.org/ /usr/local/Cellar/node/11.8.0/bin/gatsby -> /usr/local/Cellar/node/11.8.0/lib/node_modules/gatsby-cli/lib/index.js + gatsby-cli@2.4.8 npm -v gave me back version 5.6.0. I've therefore noticed that  /usr/local/lib/node_modules had wrong permissions assigned to root:wheel. A chown did not fix the problem: I've had to manually delete the content of the folder (cd / usr/local/lib/node_modules and -careful - type rm -rf ...
Post a Comment
Read more