Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Kerberos ASN.1

Former Member
0 Kudos

Hi,

maybe you can help me out

I’m getting an ASN.1 Exception with my new Kerberos configuration, well I don’t realy know where to start the search? Maybe someone could give me a hint?

Greetings & Thanks for your help!

#1.5#000F1F64FE8F004A000000150000122C0004343848A17564#1183316247656#com.sap.security.core.server.jaas.SPNegoLoginModule##com.sap.security.core.server.jaas.SPNegoLoginModule#J2EE_GUEST#2####e97d5e80280411dcb5d7000f1f64fe8f#SAPEngine_Application_Thread[impl:3]_8##0#0#Error##Plain###Error during handshake (has already been reported). Authentication failed.#

#1.5#000F1F64FE8F00470000000C0000122C000434384EED7DEA#1183316353296#com.sap.security.core.server.jaas.SPNegoLoginModule##com.sap.security.core.server.jaas.SPNegoLoginModule#J2EE_GUEST#2####2874c100280511dc82c0000f1f64fe8f#SAPEngine_Application_Thread[impl:3]_12##0#0#Error##Java###Decoding error in parsing of spnego token.

[EXCEPTION]

#1#iaik.asn1.CodingException: Error reading ASN.1 datastructure: null

at iaik.asn1.DerCoder.decode(Unknown Source)

at com.sap.security.core.server.jaas.SPNegoLoginModule.doHandshake(SPNegoLoginModule.java:574)

at com.sap.security.core.server.jaas.SPNegoLoginModule.login(SPNegoLoginModule.java:322)

at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:154)

at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:69)

at java.security.AccessController.doPrivileged(Native Method)

at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:175)

at com.sap.engine.services.servlets_jsp.server.runtime.context.SessionServletContext.doLogin(SessionServletContext.java:628)

at com.sap.engine.services.servlets_jsp.server.runtime.context.SessionServletContext.checkUser(SessionServletContext.java:294)

at com.sap.engine.services.servlets_jsp.server.runtime.context.ApplicationContext.checkMap(ApplicationContext.java:434)

at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.checkRequest(HttpHandlerImpl.java:68)

at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:873)

at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:266)

at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)

at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:160)

at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)

at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)

at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)

at java.security.AccessController.doPrivileged(Native Method)

at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)

at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)

#

#1.5#000F1F64FE8F00470000000D0000122C000434384EED8190#1183316353296#com.sap.security.core.server.jaas.SPNegoLoginModule##com.sap.security.core.server.jaas.SPNegoLoginModule#J2EE_GUEST#2####2874c100280511dc82c0000f1f64fe8f#SAPEngine_Application_Thread[impl:3]_12##0#0#Error##Plain###Error during handshake (has already been reported). Authentication failed.#

1 REPLY 1

desiree_matas
Contributor
0 Kudos

Hello Marvin

This is usually raised when an NTML token is sent by the browser instead of the SPNego one. Possible reasons for that:

1. HTTP proxy is used to access the Portal site

2. DNS misconfiguration

Note 934138 might be useful here.

If this does not help, you should try to use the diagtool as per SAP note 957666 to obtain more information on the error.

Regards,

Désiré