Shibboleth IDP on Websphere - java.lang.ClassNotFoundException: com.sun.security.auth.module.Krb5LoginModule

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Shibboleth IDP on Websphere - java.lang.ClassNotFoundException: com.sun.security.auth.module.Krb5LoginModule

waheed
Hi !

I have been trying to run Shibboleth IDP on IBM Websphere and so far i am successful. Now i am trying add SPNEGO. Issue i am getting is below.

2017-06-27 14:41:19,678 - TRACE [net.shibboleth.idp.authn.spnego.impl.GSSContextAcceptor:112] - Processing first GSS input token
2017-06-27 14:41:19,678 - DEBUG [net.shibboleth.idp.authn.spnego.impl.GSSContextAcceptor:175] - Validating the first GSS input token against service principal: HTTP/ITOVML921T.gos.ca@GOS.CA
2017-06-27 14:41:19,688 - ERROR [net.shibboleth.idp.authn.spnego.impl.GSSAcceptorLoginModule:83] - Unable to instantiate JAAS module for Kerberos
java.lang.ClassNotFoundException: com.sun.security.auth.module.Krb5LoginModule
        at java.lang.Class.forNameImpl(Native Method)

2017-06-27 14:41:19,689 - ERROR [net.shibboleth.idp.authn.spnego.impl.GSSContextAcceptor:216] - Server login error using principal: HTTP/ITOVML921T.gos.ca@GOS.CA
2017-06-27 14:41:19,691 - DEBUG [net.shibboleth.idp.authn.spnego.impl.GSSContextAcceptor:188] - Error establishing security context
javax.security.auth.login.LoginException: No JAAS module for Kerberos available
        at net.shibboleth.idp.authn.spnego.impl.GSSAcceptorLoginModule.login(GSSAcceptorLoginModule.java:97)
2017-06-27 14:41:19,692 - DEBUG [net.shibboleth.idp.authn.spnego.impl.SPNEGOAuthnController:165] - Exception processing GSS token
javax.security.auth.login.LoginException: No JAAS module for Kerberos available
        at net.shibboleth.idp.authn.spnego.impl.GSSAcceptorLoginModule.login(GSSAcceptorLoginModule.java:97)

I had a look at the source code and saw hard coded value for this class. how can i change it to use IBM Krb5LoginModule Implementation i.e. com.ibm.security.auth.module.Krb5LoginModule .

public class KerberosSettings extends AbstractInitializableComponent {
  44
  45     /** Class name of JAAS LoginModule to acquire Kerberos credentials. */
  46     @Nonnull @NotEmpty private String loginModuleClassName;
  47
  48     /** Refresh the Kerberos config before running? */
  49     private boolean refreshKrb5Config;
  50
  51     /** List of realms (KerberosRealmSettings objects). */
  52     @NonnullAfterInit @NonnullElements private Collection<KerberosRealmSettings> realmSettings;
  53
  54     /** Constructor. */
  55     public KerberosSettings() {
  56         loginModuleClassName = "com.sun.security.auth.module.Krb5LoginModule";
  57         realmSettings = Collections.emptyList();
  58     }


Thanks for your help.
Loading...