Error Calling Function Protocol Status 1312
in threaded view ♦ ♦ | Report Content as Inappropriate ♦ ♦ Error calling function protocol status: 1312 Hi again, After some tough work, it seems I've got my test environment configured and working with DHCP server, DNS server, ldap and Domain Controller, running on a GNU Linux Debian platform. I've also configured KDC + AS services on that machine, and I'm glad to see that I'm able to create a secure context between the server and other GNU Linux machine. I'm using GSS-API in Java 1.6, and everything works fine. The problem comes when I run the same Java code on a Windows XP SP3 platform with jdk 1.5.0_21 version installed. Just before the context is created, I get the message: *Error calling function protocol status: 1312. A specified logon session does not exist. It may already have been terminated.* But the most curious thing is that execution continues and secure context is created indeed. I've also checked *krb5kdc.log* and verified that both TGT ans TGS tickets are generated and delivered correctly. I've searched the web and I've found many posible explanations, like: *"There is a problem with Windows API FormatMessage usage in a non English locale"* - forums.sun *"The identity associated with a **KerberosToken2*
here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack Overflow the company Business Learn more about hiring developers or posting ads with us Stack Overflow Questions Jobs Documentation Tags Users Badges Ask Question x Dismiss Join the Stack Overflow Community Stack Overflow is a community of 4.7 million programmers, just like you, helping each http://kerberos.996246.n3.nabble.com/Error-calling-function-protocol-status-1312-td29646.html other. Join them; it only takes a minute: Sign up Java 1.8 JAAS doesn't recognize the principal in my own generated keytab up vote 0 down vote favorite Java can't find my principal name in my own keytab file? I was expecting Java JAAS module to generate a TGT when it finds the principal in my keytab file. http://stackoverflow.com/questions/33522532/java-1-8-jaas-doesnt-recognize-the-principal-in-my-own-generated-keytab/33523037 I also used kinit on the same keytab file and that does work. Although JAAS finds the keytab as instructed through the config file, i get the next message: ... Native config name: C:\Windows\krb5.ini getRealmFromDNS: trying YEF.GSC.RD Acquire TGT from Cache >>>KinitOptions cache name is C:\Users\tester1\krb5cc_tester1 >> Acquire default native Credentials Using builtin default etypes for default_tkt_enctypes default etypes for default_tkt_enctypes: 17 16 23. LSA: Found KrbCreds constructor LSA: Got handle to Kerberos package LSA: Response size is 0 LSA: Error calling function Protocol status: 1312 LSA: A specified logon session does not exist. It may already have been terminated. >>> Found no TGT's in LSA Principal is john@YEF.GSC.RD null credentials from Ticket Cache Looking for keys for: john@YEF.GSC.RD Key for the principal john@YEF.GSC.RD not available in c:/user/tester1/keytab (I used the debug flag -Dsun.security.krb5.debug=true to get these details, and ran it standalone instead of webstart, just to get stuff started without the webstart startup overhead) The config file says: WEBSTART_CLIENT_CONTEXT { com.sun.security.auth.module.Krb5LoginModule required useTicketCache=true doNotPrompt=false principal=john renewTGT=true useKeyTab=true keyTab="c:/user/tester1/keytab" debug=true; }; The keyt
it was the only lead in google for my problem. I have a problem you have encountered before. You raise http://osdir.com/ml/java.geronimo.devel/2006-06/msg01715.html the problem in http://mail-archives.apache.org/mod_mbox/geronimo-dev/200603.mbox/%3C1407490485.1142597972621.JavaMail.jira@ajax%3E I also get the following when doing client kerberos authentication on a Windows XP machine: Error calling function Protocol status : 1312 FormatMessage failed with 1815 Did you solve this? It should be possible to authenticate your client application to a kerberos service without configuring a Windows domain error calling right? Also, it did not happen with earlier Java version 1.4. I just made my app 1.5 compatible. But now it won't authenticate anymore. Hope you can help to explain this situation. Tanks, Harrie Hoogeveen ps: this problem is also raised twice at the Sun Java form, without being answered. Thread at a error calling function glance: Previous Message by Date: Re: Dublin - Clustering get-together.... - Thurs aft/eve.. Matt Hogstrom wrote: Jules its great you'll make it over here. I haven't really followed clustering since it was withdrawn from the Incubator so my apologies for not being current. It would be excellent to see what Wadi is doing. not just WADI - but a wholistic approach to all Geronimo's clustering issues.... However, Given the recent issue with the meeting in JavaOne I'm not sure I'm following the Covalent sponsorship since we'll be having the disucssion at an ApacheCon. Forgive me but I'm a little sensitive to the Corporate Sponsorship and Committers getting together ;-0 Matt - I don't think that the problem was with sponsorship, but rather exclusion... (maybe I've misunderstood something?). Covalent are simply providing a room and beer. The invitation is open to the entire community and you will be driving the meeting. However, if you are st