SINGLE SIN ON KERBEROS AD 2K3

Post by AluSaid »

Hello,

I have an issue with my authentication with Kerberos on ICS. When I want to connect to the web interface of a user (the same with my instant communicator), using a web browser (https://@IP ICS/myprofile), I get this error:

HTTP Status 500 -

--------------------------------------------------------------------------------

type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception

java.lang.UnsupportedOperationException: NTLM specified. Downgraded to Basic Auth (and/or SSL) but downgrade not supported.
net.sourceforge.spnego.SpnegoProvider.negotiate(SpnegoProvider.java:146)
net.sourceforge.spnego.SpnegoAuthenticator.authenticate(SpnegoAuthenticator.java:271)
net.sourceforge.spnego.SpnegoHttpFilter.doFilter(SpnegoHttpFilter.java:229)


note The full stack trace of the root cause is available in the Apache Tomcat/6.0.29 logs.

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

The configuration for me is good, I did it with the Alcatel Documentation.

The silent logon with Internet Explorer is ok.

The configuration files on ICS (krb5.conf, auth.config, web.xml in the authentificationform and authentificationbasic directory) are ok.

I did a test (HelloKDC.java) to verify the communication between ICS and Active Directory; everything is ok:

Forwardable Ticket false
Forwarded Ticket false
Proxiable Ticket false
Proxy Ticket false
Postdated Ticket false
Renewable Ticket false
Initial Ticket false
Auth Time = Tue Apr 30 21:27:36 CEST 2013
Start Time = Tue Apr 30 21:27:36 CEST 2013
End Time = Wed May 01 07:27:36 CEST 2013
Renew Till = null
Client Addresses Null

Connection test successful.

If someone has the same issue and has a solution or tips to resolve this problem, I am very interested :).

Thank you for your help

Re: SINGLE SIN ON KERBEROS AD 2K3

Post by cavagnaro »

Is the ICS with a fully trusted SSL certificate?
Is it on Trusted Zones?

Re: SINGLE SIN ON KERBEROS AD 2K3

Post by AluSaid »

Yes ICS certificate is fully trusted.

ICS is in the trusted local area and internet area.

I used the TC1577 and ICS documentation to implement that.

For your information, a similar SR is open; the diagnostic given by Alcatel is that something is wrong with the hostname and FQDN with the SPN implemented in AD. I checked again, no issue with that and I am sure.

If you need I can post ICS Logzipper.

Thanks for your response

Re: SINGLE SIN ON KERBEROS AD 2K3

Post by AluSaid »

Everything is all right.
I found the response to my issue. Indeed, it's about the SPN in AD.

I implement the SPN like this: setspn HTTP/srvics.lab-test.local instead of setspn HTTP/srvics.LAB-TEST.LCAL
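
The "NTLM specified" exception in the first post means the browser answered the Negotiate challenge with an NTLM token rather than a Kerberos one, a typical symptom of the client failing to get a service ticket for the HTTP SPN. As an added example (not part of the original thread and not Alcatel or spnego project code), this Python script classifies an Authorization header value taken from a browser trace; the function names and the sample tokens are constructed for illustration.

```python
import base64

NTLM_SIGNATURE = b"NTLMSSP\x00"
# DER-encoded mechanism OIDs that follow the GSS-API 0x60 application tag.
OID_SPNEGO = bytes.fromhex("06062b0601050502")      # 1.3.6.1.5.5.2
OID_KRB5 = bytes.fromhex("06092a864886f712010202")  # 1.2.840.113554.1.2.2


def classify_authorization(header_value):
    """Classify an Authorization header value by the outer token type only.

    Returns "ntlm", "spnego", "kerberos", "unknown", "malformed" or "other".
    The mechanism list inside a SPNEGO token is not parsed.
    """
    parts = header_value.strip().split(None, 1)
    if not parts or parts[0].lower() not in ("negotiate", "ntlm"):
        return "other"
    if len(parts) < 2:
        return "malformed"
    try:
        token = base64.b64decode(parts[1].strip(), validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return "malformed"
    if token.startswith(NTLM_SIGNATURE):
        return "ntlm"
    if len(token) > 2 and token[0] == 0x60:
        # Skip the DER length: one byte, or 0x80|n followed by n length bytes.
        first = token[1]
        body = 2 if first < 0x80 else 2 + (first & 0x7F)
        if token.startswith(OID_SPNEGO, body):
            return "spnego"
        if token.startswith(OID_KRB5, body):
            return "kerberos"
    return "unknown"


def sample_headers():
    """Constructed header values (not captured from a real ICS server)."""
    ntlm_type1 = NTLM_SIGNATURE + (1).to_bytes(4, "little") + bytes(4)
    spnego = b"\x60\x0a" + OID_SPNEGO + b"\xa0\x00"
    krb5 = b"\x60\x81\x80" + OID_KRB5 + bytes(0x80 - len(OID_KRB5))
    enc = lambda raw: "Negotiate " + base64.b64encode(raw).decode("ascii")
    return {"ntlm": enc(ntlm_type1), "spnego": enc(spnego), "kerberos": enc(krb5)}


if __name__ == "__main__":
    for expected, header in sample_headers().items():
        print(expected, "->", classify_authorization(header), header[:30])
```

A result of "ntlm" for the host name typed in the browser points at the SPN registration or the URL host name rather than at the Tomcat filter configuration.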