Spring security kerberos验证令牌错误

时间:2015-06-22 08:44:03

标签: spring spring-security kerberos spring-security-kerberos

我使用Spring Security Kerberos 1.0.0.RELEASE与JDK 7,Spring Security 3.2.7.RELEASE和Spring Framework 4.1.6.RELEASE来处理我的应用程序中的身份验证。但我总是得到这个错误:

Caused by: java.security.PrivilegedActionException: null
at java.security.AccessController.doPrivileged(Native Method) ~[na:1.7.0_75]
at javax.security.auth.Subject.doAs(Subject.java:415) ~[na:1.7.0_75]
at org.springframework.security.kerberos.authentication.sun.SunJaasKerberosTicketValidator.validateTicket(SunJaasKerberosTicketValidator.java:67) ~[spring-security-kerberos-core-1.0.0.RELEASE.jar:1.0.0.RELEASE]
... 57 common frames omitted
Caused by: org.ietf.jgss.GSSException: Defective token detected (Mechanism level: GSSHeader did not find the right tag)
at sun.security.jgss.GSSHeader.<init>(GSSHeader.java:97) ~[na:1.7.0_75]
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:306) ~[na:1.7.0_75]
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:285) ~[na:1.7.0_75]
at org.springframework.security.kerberos.authentication.sun.SunJaasKerberosTicketValidator$KerberosValidateAction.run(SunJaasKerberosTicketValidator.java:162) ~[spring-security-kerberos-core-1.0.0.RELEASE.jar:1.0.0.RELEASE]
at org.springframework.security.kerberos.authentication.sun.SunJaasKerberosTicketValidator$KerberosValidateAction.run(SunJaasKerberosTicketValidator.java:152) ~[spring-security-kerberos-core-1.0.0.RELEASE.jar:1.0.0.RELEASE]

我的Spring配置

<bean id="kerberosAuthenticationService" class="com.test.app.authentication.service.impl.KerberosAuthenticationServiceImpl">
    <property name="customKerberosTicketValidator">
        <bean class="org.springframework.security.kerberos.authentication.sun.SunJaasKerberosTicketValidator">
            <property name="servicePrincipal" value="${authentication.kerberos.principal}" />
            <property name="keyTabLocation" value="${authentication.kerberos.keytab}" />
            <property name="debug" value="true" />
        </bean>
    </property>
</bean>

<!-- OVERRIDING DEFAULT KRB configuration -->
<bean class="org.springframework.security.kerberos.authentication.sun.GlobalSunJaasKerberosConfig">
    <property name="debug" value="true" />
    <property name="krbConfLocation" value="classpath:kerberos/krb5.conf" />
</bean>

经过身份验证的方法看起来像这里

 try {
        base64Token = header.substring(10);
        kerberosTicket = Base64.decode(base64Token.trim().getBytes());
        KerberosServiceRequestToken authenticationRequest = new KerberosServiceRequestToken(kerberosTicket);
        byte[] token = authenticationRequest.getToken();

        KerberosTicketValidation kerberosTicketValidation = this.customKerberosTicketValidator.validateTicket(token);
        userName = kerberosTicketValidation.username();

        LOGGER.debug("USername {} ", userName);

    } -------

我该如何解决此错误? 谢谢你的回复 此致

0 个答案:

没有答案
相关问题
最新问题