File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Security and the fly likes Difference in Kerberos between J2SE1.4.2_05 and J2SE1.5.0_04??? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Difference in Kerberos between J2SE1.4.2_05 and J2SE1.5.0_04???" Watch "Difference in Kerberos between J2SE1.4.2_05 and J2SE1.5.0_04???" New topic
Author

Difference in Kerberos between J2SE1.4.2_05 and J2SE1.5.0_04???

Andreas Eriksson
Greenhorn

Joined: Aug 31, 2005
Posts: 1
Hello,

I'm trying to migrate from J2SE 1.4.2_05 to J2SE 1.5.0_04.

My problem is with SSO to an Active Directory server.

The following code runs perfectly if I am using the J2SE 1.4.2_05, but does only throw KrbException with message: KDC has no support for encryption type (14) if I run it with J2SE 1.5.0_04!

jaas.conf


krb5.conf


LdapClient.java


Debug & Stack Trace



I have tried the following hotfix on Windows Server 2003: Windows Server 2003 - Active Directory Hotfix without success.

I have tried to specify default_tgs_enctypes, default_tkt_enctypes and permitted_enctypes in the krb5.conf to: des-cbc-crc des-cbc-md5 with and without the "salt"... no success.

By the error message it seems that the KDC uses encryption type 14 (rsaES-OAEP-ENV-OID) which Java cannot handle and therefor gets the EType (int) 0 (sun.security.krb5.internal.crypto.NullEType).

I have also marked the "Use DES encryptation only" the option in Active Directory on my user 'anderk'.... no success.

Still, it seems very odd that if I use J2SE 1.4.2_05 it works and with J2SE 1.5.0_04 is doesn't!!!

Please give me some advice!

Regards, Andreas Eriksson
[ August 31, 2005: Message edited by: Andreas Eriksson ]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Difference in Kerberos between J2SE1.4.2_05 and J2SE1.5.0_04???