Single sign-on - Kerberos authentication for Java processes failed
I have a Java application with manually implemented SSO, based on Waffle: http://tuhrig.de/a-windows-sso-for-java-on-client-and-server/
and a C++ server token exchange process. It works, usually. The problem: I have one user (administrator) in the domain that produces:
com.sun.jna.platform.win32.win32exception: logon attempt failed
com.sun.jna.platform.win32.win32exception: logon attempt failed
    @ waffle.windows.auth.impl.windowsauthproviderimpl.acceptsecuritytoken(windowsauthproviderimpl.java:141)
How I am executing the Java application: I have a Windows service, "controller". The "controller" executes the Java application, and the "controller" is executed as mydomain\administrator. That means the Java app gets the security settings of the controller on start. The strange thing: if I restart the controller service and start the Java application, the Java application can authenticate. If the controller restarts the Java application, I get the error. The event log shows useless (maybe I don't understand it) info (event log message):
an account failed log on.

subject:
    security id: null sid
    account name: -
    account domain: -
    logon id: 0x0

logon type: 3

account logon failed:
    security id: null sid
    account name:
    account domain:

failure information:
    failure reason: error occured during logon.
    status: 0xc000006d
    sub status: 0x0

process information:
    caller process id: 0x0
    caller process name: -

network information:
    workstation name: -
    source network address: -
    source port: -

detailed authentication information:
    logon process: kerberos
    authentication package: kerberos
    transited services: -
    package name (ntlm only): -
    key length: 0

event generated when logon request fails. generated on computer access attempted.

subject fields indicate account on local system requested logon. commonly service such server service, or local process such winlogon.exe or services.exe.

logon type field indicates kind of logon requested. common types 2 (interactive) , 3 (network).

process information fields indicate account , process on system requested logon.

network information fields indicate remote logon request originated. workstation name not available , may left blank in cases.

authentication information fields provide detailed information specific logon request.
    - transited services indicate intermediate services have participated in logon request.
    - package name indicates sub-protocol used among ntlm protocols.
    - key length indicates length of generated session key. 0 if no session key requested.
Why does it work once after the service starts? And why does it work for all users except administrator? PS: I have the registry values allowtgtsessionkey=1 and disableloopbackcheck=1.
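
For triage of the failed-logon event quoted in the question, the following is an added example (not part of the original post and not Waffle code) that extracts the fields that matter and decodes them. The sample text is constructed from the fields shown above; the function names and the short NTSTATUS table are this example's own, and the field labels are matched in the lowercased form the post shows.

```python
import re

# Constructed sample: the event text from the post, trimmed to the fields used.
SAMPLE_EVENT = (
    "an account failed log on. subject: security id: null sid account name: - "
    "account domain: - logon id: 0x0 logon type: 3 account logon failed: "
    "security id: null sid account name: account domain: failure information: "
    "failure reason: error occured during logon. status: 0xc000006d "
    "sub status: 0x0 detailed authentication information: "
    "logon process: kerberos authentication package: kerberos key length: 0"
)
# Documented NTSTATUS values commonly seen in logon-failure events.
NTSTATUS = {
    0xC000006D: "STATUS_LOGON_FAILURE",
    0xC000006A: "STATUS_WRONG_PASSWORD",
    0xC0000064: "STATUS_NO_SUCH_USER",
    0xC0000072: "STATUS_ACCOUNT_DISABLED",
    0xC0000234: "STATUS_ACCOUNT_LOCKED_OUT",
    0xC0000133: "STATUS_TIME_DIFFERENCE_AT_DC",
}
LOGON_TYPES = {2: "interactive", 3: "network", 4: "batch", 5: "service"}
FIELDS = {
    "logon_type": r"logon type:\s*(\d+)",
    "status": r"(?<!sub )status:\s*(0x[0-9a-f]+)",  # skip "sub status"
    "sub_status": r"sub status:\s*(0x[0-9a-f]+)",
    "package": r"authentication package:\s*(\w+)",
}

def parse_event(text):
    """Pull the triage-relevant fields out of flattened or multi-line event text."""
    text = text.lower()
    ev = {k: (m.group(1) if (m := re.search(p, text)) else None)
          for k, p in FIELDS.items()}
    # "account name:" appears twice: subject first, then the failed account.
    names = re.findall(r"account name:\s*(\S*?)\s*account domain:", text)
    target = names[1] if len(names) > 1 else ""
    ev["target_account"] = target if target not in ("", "-") else None
    return ev

def triage(text):
    """Return (fields, notes); notes say what the event does and does not pin down."""
    ev = parse_event(text)
    status = int(ev["status"], 16) if ev["status"] else None
    notes = ["logon type: " + LOGON_TYPES.get(int(ev["logon_type"] or 0), "unknown"),
             "status: " + NTSTATUS.get(status, "unmapped")]
    if ev["sub_status"] and int(ev["sub_status"], 16) == 0:
        notes.append("sub status 0x0: no more specific reason recorded")
    if ev["target_account"] is None:
        notes.append("no target account recorded for the failed logon")
    return ev, notes
```

Calling `triage(SAMPLE_EVENT)` returns the parsed fields plus four notes: a network logon, a generic `STATUS_LOGON_FAILURE`, no specific sub status, and no target account in the event.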