Troubleshooting
Problem
When you configure using the Simple and Protected GSS-API Negotiation Mechanism (SPNEGO) trust association interceptor (TAI), SPNEGO web authentication or Kerberos authentication mechanism, and then log in, error messages such as the following might appear if you are using Java 7:
Symptom
com.ibm.websphere.security.auth.WSLoginFailedException: com.ibm.websphere.security.auth.WSLoginFailedException: Login error: com.ibm.security.krb5.KrbException, status code: 24
message: Pre-authentication information was invalid
You are not able to authenticate using SPNEGO TAI, SPNEGO web authentication or Kerberos authentication mechanism when using IBM WebSphere Application Server Version 8.5 and Java 7.
Resolving The Problem
You must apply the iFix for APAR IV20539 to upgrade your SDK to Java 7 SR1 as discussed in interim fix PM63957: SHIP SDK APAR IV20539 AS WSAS V8.5 IFIX.
You can download the iFix from Fix Central: http://www-933.ibm.com/support/fixcentral.
Note: You can optionally install fix pack 8.5.0.1 to resolve this issue.
Related Information
Was this topic helpful?
Document Information
Modified date:
15 June 2018
UID
swg21595986