cajitq <cajitq@no-mx.forums.microfocus.com> wrote:
>

Hi
>
> I'm trying to configure kerberos for the User Application on SLES 12 SP3

with IdM 4.5.6.
>
> UA Info:
> Servername: sridmuatest02.frbkom.dk
> Userapp URL: https://idm.frederiksberg.dk:8443/dash
>
> So I've tried a couple of times now to make the keytab file, but no

mater what I do I get an Error when starting the UA. Here is the error I
get i catalina.out on startup:
>
> -Class: OSPTenantStartException
> Class: LoggableMessage
> Level: SEVERE
> Code:

internal.osp.framework.exception.OSPTenantStartExc eption.<init>() [20]
> Thread: localhost-startStop-1
> Correlation Id: 18455544-c8de-4892-8368-d0c49588c327
> Text: OSP Tenant Start Error: Tenant Id: idm
> Class: CoreException
> Root cause:
>
> java.lang.reflect.InvocationTargetException
> internal.atlaslite.jcce.exception.CoreException
> Error initializing Kerberos support
> java.lang.SecurityException
> java.io.IOException: Configuration Error:
> No such file or directory
> java.io.IOException
> Configuration Error:
> No such file or directory
> sun.reflect.NativeConstructorAccessorImpl:

NativeConstructorAccessorImpl.java: newInstance0: -2
> sun.reflect.NativeConstructorAccessorImpl:

NativeConstructorAccessorImpl.java: newInstance: 62
> sun.reflect.DelegatingConstructorAccessorImpl:

DelegatingConstructorAccessorImpl.java: newInstance: 45
> java.lang.reflect.Constructor: Constructor.java:

newInstance: 423
>

internal.osp.oidp.service.configuration.Configurat ionManager$InstanceLoader:
ConfigurationManager.java: newInstance: 2,679
> Root cause:
>
> at internal.osp.framework.OSPContext.start(OSPContext .java:864)
> at internal.osp.framework.OSPContext.start(OSPContext .java:758)
> at internal.osp.framework.OSPContext.set(OSPContext.j ava:487)
> at

internal.osp.framework.servlet.OSPServletContext.< init>(OSPServletContext.java:100)
> at

internal.osp.framework.servlet.OSPContextListener. getContext(OSPContextListener.java:49)
> at

internal.osp.framework.servlet.OSPContextListener. contextInitialized(OSPContextListener.java:77)
> at

org.apache.catalina.core.StandardContext.listenerS tart(StandardContext.java:4992)
> at

org.apache.catalina.core.StandardContext.startInte rnal(StandardContext.java:5490)
> at

org.apache.catalina.util.LifecycleBase.start(Lifec ycleBase.java:150)
> at

org.apache.catalina.core.ContainerBase.addChildInt ernal(ContainerBase.java:901)
> at

org.apache.catalina.core.ContainerBase.addChild(Co ntainerBase.java:877)
> at

org.apache.catalina.core.StandardHost.addChild(Sta ndardHost.java:649)
> at

org.apache.catalina.startup.HostConfig.deployWAR(H ostConfig.java:1083)
> at

org.apache.catalina.startup.HostConfig$DeployWar.r un(HostConfig.java:1880)
> at

java.util.concurrent.Executors$RunnableAdapter.cal l(Executors.java:511)
> at java.util.concurrent.FutureTask.run(FutureTask.jav a:266)
> at

java.util.concurrent.ThreadPoolExecutor.runWorker( ThreadPoolExecutor.java:1142)
> at

java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:748)
> Pre: [OSP]
> Lvl: INFO
> Java: internal.osp.framework.OSPContext.stop() [978]

thread=localhost-startStop-1
> Time: 2019-02-12T07:06:01.948+0100
> LogDta: StopSystem
>
> Pre: [OSP]
> Lvl: SEVERE
> Java:

internal.osp.framework.servlet.OSPContextListener. contextInitialized()
[85] thread=localhost-startStop-1
> Time: 2019-02-12T07:05:57.450+0100
> LogDta: Level: SEVERE
> Code:

internal.osp.framework.exception.OSPFrameworkStart Exception.<init>()
[20]
> Thread: localhost-startStop-1
> Correlation Id: 076638f7-2ac6-4a0a-9574-7a6de77ca4ab
> Text: OSP Framework Start Error
> Level: SEVERE
> Code:

internal.osp.framework.exception.OSPTenantStartExc eption.<init>() [20]
> Thread: localhost-startStop-1
> Correlation Id: 18455544-c8de-4892-8368-d0c49588c327
> Text: OSP Tenant Start Error: Tenant Id: idm-
>
> As you can see it is saying that a file or directory is missing??
>
> I've konfigures the /etc/krb5.conf file
> I've placed the keytab file under /opt/netiq/idm/apps/tomcat/conf
> I've made the Kerberos_login.config file under

/opt/netiq/idm/apps/tomcat/kerberos
> I've edited the java.security file to point to

/opt/netiq/idm/apps/tomcat/kerberos/Kerberos_login.config
>
> I've made novlua owner of all directories and files (except the

java.security file)
>
> I've tried to make the keytab file with both servername

(sridmuatest02.frbkom.dk) or DNS name (idm.frederiksberg.dk)
>
> No matter what I do I get the error shown above.
>
> Does anybody have an idea to whats going on here???
>
> Thank you all in advance!
>
> Carsten J√łrgensen



--
cajitq
------------------------------------------------------------------------
cajitq's Profile: https://forums.novell.com/member.php?userid=167924
View this thread: https://forums.novell.com/showthread.php?t=511235

>


Hi!

Can you verify ticketCache in Kerberos_login.config? Is it valid?

--
Best regards
Marcus