ant -f D:\\LaserBeam\\JRASamples -Dnb.internal.action.name=debug -Ddebug.class=com.laserfiche.samples.EntryLinkSample debug init: Deleting: D:\LaserBeam\JRASamples\build\built-jar.properties deps-jar: Updating property file: D:\LaserBeam\JRASamples\build\built-jar.properties compile: Java config name: C:/Windows/krb5.ini Loaded from Java config >>> KdcAccessibility: reset Using builtin default etypes for default_tkt_enctypes default etypes for default_tkt_enctypes: 18 17 16 23. >>> KrbAsReq creating message >>> KrbKdcReq send: kdc=[KDC NAME] UDP:88, timeout=30000, number of retries =3, #bytes=151 >>> KDCCommunication: kdc=[KDC NAME] UDP:88, timeout=30000,Attempt =1, #bytes=151 >>> KrbKdcReq send: #bytes read=196 >>>Pre-Authentication Data: PA-DATA type = 19 PA-ETYPE-INFO2 etype = 18, salt = [KERBEROS REALM]john.chien, s2kparams = null PA-ETYPE-INFO2 etype = 23, salt = null, s2kparams = null >>>Pre-Authentication Data: PA-DATA type = 2 PA-ENC-TIMESTAMP >>>Pre-Authentication Data: PA-DATA type = 16 >>>Pre-Authentication Data: PA-DATA type = 15 >>> KdcAccessibility: remove [KDC NAME] >>> KDCRep: init() encoding tag is 126 req type is 11 >>>KRBError: sTime is Fri Dec 07 10:33:02 EST 2018 1544196782000 suSec is 503784 error code is 25 error Message is Additional pre-authentication required sname is krbtgt/[KERBEROS REALM]@[KERBEROS REALM] eData provided. msgType is 30 >>>Pre-Authentication Data: PA-DATA type = 19 PA-ETYPE-INFO2 etype = 18, salt = [KERBEROS REALM]john.chien, s2kparams = null PA-ETYPE-INFO2 etype = 23, salt = null, s2kparams = null >>>Pre-Authentication Data: PA-DATA type = 2 PA-ENC-TIMESTAMP >>>Pre-Authentication Data: PA-DATA type = 16 >>>Pre-Authentication Data: PA-DATA type = 15 KrbAsReqBuilder: PREAUTH FAILED/REQ, re-send AS-REQ Using builtin default etypes for default_tkt_enctypes default etypes for default_tkt_enctypes: 18 17 16 23. Using builtin default etypes for default_tkt_enctypes default etypes for default_tkt_enctypes: 18 17 16 23. >>> EType: sun.security.krb5.internal.crypto.Aes256CtsHmacSha1EType >>> KrbAsReq creating message >>> KrbKdcReq send: kdc=[KDC NAME] UDP:88, timeout=30000, number of retries =3, #bytes=233 >>> KDCCommunication: kdc=[KDC NAME] UDP:88, timeout=30000,Attempt =1, #bytes=233 >>> KrbKdcReq send: #bytes read=100 >>> KrbKdcReq send: kdc=[KDC NAME] TCP:88, timeout=30000, number of retries =3, #bytes=233 >>> KDCCommunication: kdc=[KDC NAME] TCP:88, timeout=30000,Attempt =1, #bytes=233 >>>DEBUG: TCPClient reading 1530 bytes >>> KrbKdcReq send: #bytes read=1530 >>> KdcAccessibility: remove [KDC NAME] >>> EType: sun.security.krb5.internal.crypto.Aes256CtsHmacSha1EType >>> KrbAsRep cons in KrbAsReq.getReply ckchien Found ticket for ckchien@[KERBEROS REALM] to go to krbtgt/[KERBEROS REALM]@[KERBEROS REALM] expiring on Fri Dec 07 20:33:04 EST 2018 Entered Krb5Context.initSecContext with state=STATE_NEW Found ticket for ckchien@[KERBEROS REALM] to go to krbtgt/[KERBEROS REALM]@[KERBEROS REALM] expiring on Fri Dec 07 20:33:04 EST 2018 Service ticket not found in the subject >>> Credentials acquireServiceCreds: same realm Using builtin default etypes for default_tgs_enctypes default etypes for default_tgs_enctypes: 18 17 16 23. >>> CksumType: sun.security.krb5.internal.crypto.RsaMd5CksumType >>> EType: sun.security.krb5.internal.crypto.Aes256CtsHmacSha1EType >>> KrbKdcReq send: kdc=[KDC NAME] TCP:88, timeout=30000, number of retries =3, #bytes=1481 >>> KDCCommunication: kdc=[KDC NAME] TCP:88, timeout=30000,Attempt =1, #bytes=1481 >>>DEBUG: TCPClient reading 1424 bytes >>> KrbKdcReq send: #bytes read=1424 >>> KdcAccessibility: remove [KDC NAME] >>> EType: sun.security.krb5.internal.crypto.Aes256CtsHmacSha1EType //Following are Java program exception print stack message KrbException: Message stream modified (41) at sun.security.krb5.KrbKdcRep.check(KrbKdcRep.java:50) at sun.security.krb5.KrbTgsRep.(KrbTgsRep.java:87) at sun.security.krb5.KrbTgsReq.getReply(KrbTgsReq.java:251) at sun.security.krb5.KrbTgsReq.sendAndGetCreds(KrbTgsReq.java:262) at sun.security.krb5.internal.CredentialsUtil.serviceCreds(CredentialsUtil.java:308) at sun.security.krb5.internal.CredentialsUtil.acquireServiceCreds(CredentialsUtil.java:126) at sun.security.krb5.Credentials.acquireServiceCreds(Credentials.java:458) at sun.security.jgss.krb5.Krb5Context.initSecContext(Krb5Context.java:693) at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:248) at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:179) at sun.security.jgss.spnego.SpNegoContext.GSS_initSecContext(SpNegoContext.java:882) at sun.security.jgss.spnego.SpNegoContext.initSecContext(SpNegoContext.java:317) at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:248) at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:179) at com.laserfiche.protocol.HttpRequest$1.run(HttpRequest.java:170) at com.laserfiche.protocol.HttpRequest$1.run(HttpRequest.java:165) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAs(Subject.java:360) at com.laserfiche.protocol.HttpRequest.authenticateSPNEGO(HttpRequest.java:165) at com.laserfiche.protocol.HttpRequest.sendRequest(HttpRequest.java:53) at com.laserfiche.repositoryaccess.Session.doLogin(Session.java:755) at com.laserfiche.repositoryaccess.Session.logIn(Session.java:540) at com.laserfiche.repositoryaccess.Session.logIn(Session.java:554) at com.laserfiche.samples.EntryLinkSample.main(EntryLinkSample.java:45) com.laserfiche.protocol.HttpException: Authentication failed: cannot initialize SPNEGO context. at com.laserfiche.protocol.HttpRequest.authenticateSPNEGO(HttpRequest.java:183) at com.laserfiche.protocol.HttpRequest.sendRequest(HttpRequest.java:53) at com.laserfiche.repositoryaccess.Session.doLogin(Session.java:755) at com.laserfiche.repositoryaccess.Session.logIn(Session.java:540) at com.laserfiche.repositoryaccess.Session.logIn(Session.java:554) at com.laserfiche.samples.EntryLinkSample.main(EntryLinkSample.java:45) Caused by: GSSException: No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Message stream modified (41))) at sun.security.jgss.spnego.SpNegoContext.initSecContext(SpNegoContext.java:454) at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:248) at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:179) at com.laserfiche.protocol.HttpRequest$1.run(HttpRequest.java:170) at com.laserfiche.protocol.HttpRequest$1.run(HttpRequest.java:165) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAs(Subject.java:360) at com.laserfiche.protocol.HttpRequest.authenticateSPNEGO(HttpRequest.java:165) ... 5 more Caused by: GSSException: No valid credentials provided (Mechanism level: Message stream modified (41)) at sun.security.jgss.krb5.Krb5Context.initSecContext(Krb5Context.java:770) at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:248) at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:179) at sun.security.jgss.spnego.SpNegoContext.GSS_initSecContext(SpNegoContext.java:882) at sun.security.jgss.spnego.SpNegoContext.initSecContext(SpNegoContext.java:317) ... 12 more Caused by: KrbException: Message stream modified (41) at sun.security.krb5.KrbKdcRep.check(KrbKdcRep.java:50) at sun.security.krb5.KrbTgsRep.(KrbTgsRep.java:87) at sun.security.krb5.KrbTgsReq.getReply(KrbTgsReq.java:251) at sun.security.krb5.KrbTgsReq.sendAndGetCreds(KrbTgsReq.java:262) at sun.security.krb5.internal.CredentialsUtil.serviceCreds(CredentialsUtil.java:308) at sun.security.krb5.internal.CredentialsUtil.acquireServiceCreds(CredentialsUtil.java:126) at sun.security.krb5.Credentials.acquireServiceCreds(Credentials.java:458) at sun.security.jgss.krb5.Krb5Context.initSecContext(Krb5Context.java:693) ... 16 more debug: