Skip to Content

Archived discussions are read-only. Learn more about SAP Q&A

NTLM token found in authorization header during SPNego authentication

HI,

I am facing :NTLM token found in authorization header during SPNego authentication" error for some of the users.Can any one help to solve this.

errors:

NTLM token found in authorization header during SPNego authentication.

14:11:39:472 Warning Guest ~n_Thread[impl:3]_43 ~on.loginmodule.spnego.SPNegoLoginModule Authentication failed. Error during handshake. Check the trace file for details.

14:11:39:473 Warning Guest ~n_Thread[impl:3]_43 ~on.loginmodule.spnego.SPNegoLoginModule Error during handshake.

[EXCEPTION]

com.sap.security.core.server.jaas.spnego.SPNegoProtocolException: NTLM token received in authorization header.

at com.sap.security.core.server.jaas.SPNegoLoginModule.checkAuthorizationHeaderToken(SPNegoLoginModule.java:410)

at com.sap.security.core.server.jaas.SPNegoLoginModule.doHandshake(SPNegoLoginModule.java:686)

at com.sap.security.core.server.jaas.SPNegoLoginModule.login(SPNegoLoginModule.java:362)

at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:185)

at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:70)

at java.security.AccessController.doPrivileged(AccessController.java:231)

at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:177)

at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:85)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:58)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)

at java.lang.reflect.Method.invoke(Method.java:391)

at javax.security.auth.login.LoginContext.invoke(LoginContext.java:699)

at javax.security.auth.login.LoginContext.access$000(LoginContext.java:151)

at javax.security.auth.login.LoginContext$4.run(LoginContext.java:634)

at java.security.AccessController.doPrivileged(AccessController.java:231)

at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:631)

at javax.security.auth.login.LoginContext.login(LoginContext.java:557)

at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:145)

at com.sapportals.portal.prt.service.authenticationservice.AuthenticationService.getLoggedInUser(AuthenticationService.java:303)

at com.sapportals.portal.prt.connection.UMHandler.handleUM(UMHandler.java:96)

at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:186)

at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:522)

at java.security.AccessController.doPrivileged(AccessController.java:231)

at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:405)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)

at com.sap.engine.services.servlets_jsp.server.servlet.InvokerServlet.service(InvokerServlet.java:156)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)

at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)

at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)

at com.sap.portal.navigation.Gateway.service(Gateway.java:126)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)

at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)

at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)

at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:387)

at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:365)

at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:944)

at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:266)

at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)

at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)

at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)

at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)

at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)

at java.security.AccessController.doPrivileged(AccessController.java:207)

at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)

at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)

14:11:39:474 Debug Guest ~n_Thread[impl:3]_43 ~on.loginmodule.spnego.SPNegoLoginModule set Satus Code On Fail = 401

14:11:39:474 Debug Guest ~n_Thread[impl:3]_43 ~es.security.authentication.logincontext Login module com.sap.security.core.server.jaas.SPNegoLoginModule from authentication stack spnego does not authenticate the caller.

14:11:39:474 Path Guest ~n_Thread[impl:3]_43 ~.ticket.CreateTicketLoginModule.login() Entering method

14:11:39:475 Info Guest ~n_Thread[impl:3]_43 ~inmodule.ticket.CreateTicketLoginModule No authenticated user found.

14:11:39:475 Path Guest ~n_Thread[impl:3]_43 ~inmodule.ticket.CreateTicketLoginModule Exiting method with false

14:11:39:475 Debug Guest ~n_Thread[impl:3]_43 ~on.loginmodule.BasicPasswordLoginModule No user name provided.

14:11:39:475 Path Guest ~n_Thread[impl:3]_43 ~.ticket.CreateTicketLoginModule.login() Entering method

14:11:39:475 Info Guest ~n_Thread[impl:3]_43 ~inmodule.ticket.CreateTicketLoginModule No authenticated user found.

14:11:39:475 Path Guest ~n_Thread[impl:3]_43 ~inmodule.ticket.CreateTicketLoginModule Exiting method with false

14:11:39:476 Path Guest ~n_Thread[impl:3]_43 ~engine.services.security.authentication Exception : Cannot authenticate the user

Former Member
Not what you were looking for? View more on this topic or Ask a question