aspose file tools*
The moose likes Java in General and the fly likes Kerberos authentication with Proxy server is failing with JRE 1.6.0_30 Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Java in General
Bookmark "Kerberos authentication with Proxy server is failing with JRE 1.6.0_30" Watch "Kerberos authentication with Proxy server is failing with JRE 1.6.0_30" New topic
Author

Kerberos authentication with Proxy server is failing with JRE 1.6.0_30

Deepak Kumar Mishra
Greenhorn

Joined: May 10, 2010
Posts: 2
Hi,
In our project we need to communicate to a URL on internet through a proxy server. The proxy server has kerberos authentication integrated with an Active Directory.
When I try to communicate to the URL through a proxy server, using JRE 1.6.0_30, the client is redirected 20 times and finally "java.net.ProtocolException: Server redirected too many times (20)" error comes. On the other hand when same program is run with JRE 1.6.0_33/1.6.0_37, the communication with the internet URL through proxy server is successful. Can any body please tell me if there was a bug fix related to kerberos authentication in JRE 1.6._30 or is there any mistake in program?

Following is the program I am using:

public class TestConnectionThroughProxy {
public static void main(String[] args) throws IOException {
TestConnectionThroughProxy test = new TestConnectionThroughProxy();
test.test();
}

private static class MyAuthenticator extends Authenticator {
@Override
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication("domainuser", "domainpassword".toCharArray());
}
}

private void test() throws IOException {
System.setProperty("java.security.krb5.conf", "krb5.ini");
System.setProperty("java.security.auth.login.config", "spNegoLogin.conf");
System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
System.setProperty("sun.security.krb5.debug", "true");

Authenticator.setDefault(new MyAuthenticator());

SocketAddress socketAddr = new InetSocketAddress("proxyserver.testdomain.local", 3128);
Proxy proxy = new Proxy(Proxy.Type.HTTP, socketAddr);

URL url = new URL("http://www.google.com");
URLConnection conn = url.openConnection(proxy);
InputStream is = conn.getInputStream();
BufferedReader reader = new BufferedReader(new InputStreamReader(is));
char[] c = new char[1024];
int i = 0;
StringBuilder builder = new StringBuilder();
while((i = reader.read(c)) >= 0) {
builder.append(c, 0, i);
}
reader.close();
is.close();
System.out.println(builder.toString());
}
}

krb5.ini file:

[libdefaults]
default_realm = TESTDOMAIN.LOCAL
default_tkt_enctypes = aes128-cts-hmac-sha1-96,rc4-hmac,aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha1-96
default_tgs_enctypes = rc4-hmac,aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha1-96
forwardable = true
[realms]
TESTDOMAIN.LOCAL = {
kdc = adserver.testdomain.local:88
}
[domain_realm]
testdomain.local = TESTDOMAIN.LOCAL
.testdomain.local = TESTDOMAIN.LOCAL

spNegoLogin.conf:

com.sun.security.jgss.krb5.initiate {
com.sun.security.auth.module.Krb5LoginModule required doNotPrompt=false useTicketCache=false;
};

Please help us in finding the reason of problem.
Thank You,
Deepak
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: Kerberos authentication with Proxy server is failing with JRE 1.6.0_30