Ryan McKinley
unread,Aug 5, 2012, 3:31:18 PM8/5/12Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Sign in to report message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to waffle...@googlegroups.com
I'm running Waffle under Jetty and need to integrate with Apache Shiro. I have built an authenticating Realm that works great using the Waffle to login with user/pass -- thanks!
Now I'm trying to get Negotiate working without success. When connect with IE9 I see that tokens Negotiate tokens are passed, but it fails to login
2012-08-05 12:19:33,802 DEBUG waffle.servlet.NegotiateSecurityFilter - GET /test, contentlength: -1
2012-08-05 12:19:33,803 DEBUG waffle.servlet.NegotiateSecurityFilter - authorization required
2012-08-05 12:19:33,803 TRACE waffle.servlet.NegotiateSecurityFilter - sendUnauthorized. Connection=keep-alive
2012-08-05 12:19:33,806 DEBUG waffle.servlet.NegotiateSecurityFilter - GET /test, contentlength: -1
2012-08-05 12:19:33,807 TRACE waffle.servlet.spi.NegotiateSecurityFilterProvider - AuthorizationHeader: Negotiate TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw==
2012-08-05 12:19:33,808 DEBUG waffle.servlet.spi.NegotiateSecurityFilterProvider - security package: Negotiate, connection id: 0:0:0:0:0:0:0:1:55445
2012-08-05 12:19:33,810 DEBUG waffle.servlet.spi.NegotiateSecurityFilterProvider - token buffer: 40 byte(s)
2012-08-05 12:19:33,990 WARN waffle.servlet.NegotiateSecurityFilter - error logging in user: The token supplied to the function is invalid
2012-08-05 12:19:33,990 TRACE waffle.servlet.NegotiateSecurityFilter - sendUnauthorized. Connection=close
The message "The token supplied to the function is invalid" is from the Win32Exception:
com.sun.jna.platform.win32.Win32Exception: The token supplied to the function is invalid
at waffle.windows.auth.impl.WindowsAuthProviderImpl.acceptSecurityToken(WindowsAuthProviderImpl.java:123)
at waffle.servlet.spi.NegotiateSecurityFilterProvider.doFilter(NegotiateSecurityFilterProvider.java:97)
at waffle.servlet.spi.SecurityFilterProviderCollection.doFilter(SecurityFilterProviderCollection.java:108)
at waffle.servlet.NegotiateSecurityFilter.doFilter(NegotiateSecurityFilter.java:94)
Any pointers on what to look at next?
What are the windows domain requirements? Should 'Negotiate' work for a computer that is in a WORKGROUP rather then a domain? Is there anyway to test Negotiate directly from java (without a browser)?
Thanks
Ryan