 |
|||||
|
As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only. Join the TIBCO Community
Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at community@tibco.com for further assistance. Reference the community FAQ to learn more about the community. | |||||
Focal Point 
Focal Point Forums WebFOCUS/FOCUS Forum on Focal Point [CLOSED] Issues Implementing SSO on Linux using Kerberos
Focal Point Forums WebFOCUS/FOCUS Forum on Focal Point [CLOSED] Issues Implementing SSO on Linux using Kerberos Read-Only TopicGo | Search | Notify | Tools |
| [CLOSED] Issues Implementing SSO on Linux using Kerberos | Login/Join |
| Member |
Hi, We are trying to Implement SSO USING TOMCAT/IIS/KERBEROS Authentication on WebFOCUS 8.2.04 on Linux OS using the instructions provided in the WebFOCUS Security and Administration Manual and we are getting the following error 'Cannot create inner bean 'com.ibi.webapp.security.kerberos.WFKerberosTicketValidator#2abc4d56' of type [com.ibi.webapp.security.kerberos.WFKerberosTicketValidator] while setting bean property 'ticketValidator'; ' Just Wondering If anybody has already Implemented SSO using Kerberos on Linux and could share their experience or notes would be helpful. Thanks KironThis message has been edited. Last edited by: FP Mod Chuck, WebFOCUS 8.2/Linux | ||
|
| Virtuoso |
Have you updated your krb5-ini file to specificy encryption type? WebFOCUS 8206, Unix, Windows | |||
|
| Member |
Yes, we updated the krb5.conf file with the correct Encryption Type. WebFOCUS 8.2/Linux | |||
|
| Virtuoso |
Kiron I found this on techsupport. I hope it helps. Solution Notes Symptom Kerberos authentication fails with error message in websecurity.log: Error creating bean with name 'com.ibi.webapp.security.kerberos.WFKerberosTicketValidator#62e81ae5' defined in ServletContext resource [/WEB-INF/was/security-main.xml]: Invocation of init method failed; nested exception is javax.security.auth.login.LoginException: Do not have keys of types listed in default_tkt_enctypes available; only have keys of following type: AES256 CTS mode with HMAC SHA1-96 Problem The krb5.ini file did not specify the correct encryption type. The error message is indicating it is missing aes256-cts-hmac-sha1-96 encryption type. Solution Update the krb5-ini file to specificy encryption type aes256-cts-hmac-sha1-96. before update: default_tkt_enctypes = aes128-cts-hmac-sha1-96 default_tgs_enctypes = aes128-cts-hmac-sha1-96 After update: default_tkt_enctypes = aes256-cts-hmac-sha1-96 default_tgs_enctypes = aes256-cts-hmac-sha1-96 Thank you for using Focal Point! Chuck Wolff - Focal Point Moderator WebFOCUS 7x and 8x, Windows, Linux All output Formats | |||
|
| Member |
Thanks for the information. We are currently using aes256 in the krb5.conf file and that matches our Keytab file encryption. WebFOCUS 8.2/Linux | |||
|
| Virtuoso |
Kiron That was all I could find.. Unless someone else chimes in I think you should open a case with techsupport. Thank you for using Focal Point! Chuck Wolff - Focal Point Moderator WebFOCUS 7x and 8x, Windows, Linux All output Formats | |||
|
| Powered by Social Strata |
 | Please Wait. Your request is being processed... |
Read-Only TopicFocal Point Focal Point Forums WebFOCUS/FOCUS Forum on Focal Point [CLOSED] Issues Implementing SSO on Linux using Kerberos
Focal Point Forums WebFOCUS/FOCUS Forum on Focal Point [CLOSED] Issues Implementing SSO on Linux using KerberosCopyright © 1996-2020 Information Builders
| View $GS_USERNAME's Public Profile |
| Add $GS_USERNAME to my Ignore List |
| View Recent Posts by $GS_USERNAME |
| Notify me of New Posts by $GS_USERNAME |