Enabling Kerberos: javax.security.auth.login.LoginException: Unable to obtain password from user

Question

I'm trying to enable Kerberos for my SDC RPM installation, but when I start the SDC I get following exception:

java.lang.RuntimeException: Could not get Kerberos credentials: javax.security.auth.login.LoginEx Caused by: javax.security.auth.login.LoginException: Unable to obtain password from user at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:897) at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:760) at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:617) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498)

How do I move forward?

Dash · Accepted Answer

The issue might be theheadless keytab file. Try the following:Createtwo principals on your Kerberos host:Headless principle sdc@MYCOMPANY.REALMService principle sdc/HOSTNAME.FQDN@MYCOMPANY.REALMCreatekeytab file just for the service principle and change its owner to sdc user with chownDeploykeytab on SDC host under/etc/security/keytabs/StopSDC and configurethe Kerberos properties in$SDC_CONF/sdc.properties as follows:kerberos.client.enabled=truekerberos.client.principal=sdc/HOSTNAME.FQDN@MYCOMPANY.REALMkerberos.client.keytab=/etc/security/keytabs/myService.keytabStartSDC

Reply

Couldn't find what you're looking for?

Sign up

Social Login

Login to the community

Social Login

Scanning file for viruses.

This file cannot be downloaded