Bug 1105051

Summary:	[QE] (6.3.0) org.jboss.as.test.integration.security.loginmodules.negotiation and SAML2AttributeMappingTestCase fails due to KrbException, status code: 9 message: The client or server has a null key
Product:	[JBoss] JBoss Enterprise Application Platform 6	Reporter:	Pavel Jelinek <pjelinek>
Component:	Security, Testsuite	Assignee:	jboss-set
Status:	CLOSED EOL	QA Contact:	Petr Kremensky <pkremens>
Severity:	medium	Docs Contact:
Priority:	unspecified
Version:	6.3.0, 6.3.2	CC:	dpal, mkopecky, pkremens, pslavice
Target Milestone:	---
Target Release:	EAP 6.4.0
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:		Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:		Environment:	IBMJDK
Last Closed:	2019-08-19 12:45:48 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:	1189141
Bug Blocks:	1099440

Description Pavel Jelinek 2014-06-05 09:49:41 UTC

This issue seems to be permanent on PPC and intermittent on Intel.

See: https://jenkins.mw.lab.eng.bos.redhat.com/hudson/view/EAP6/view/EAP6-AS-Testsuite/job/eap-6x-as-testsuite-RHEL-matrix-IBMJDK6/91/jdk=ibm16,label_exp=EAP-RHEL6-PPC64/testReport/org.jboss.as.test.integration.security.picketlink/SAML2AttributeMappingTestCase/testPassUserPrincipalToAttributeManager/

Stacktrace:

javax.security.auth.login.FailedLoginException: Login error: com.ibm.security.krb5.KrbException, status code: 9
	message: The client or server has a null key
	at com.ibm.security.jgss.i18n.I18NException.throwFailedLoginException(I18NException.java:25)
	at com.ibm.security.auth.module.Krb5LoginModule.j(Krb5LoginModule.java:33)
	at com.ibm.security.auth.module.Krb5LoginModule.b(Krb5LoginModule.java:374)
	at com.ibm.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:755)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)
	at java.lang.reflect.Method.invoke(Method.java:611)
	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:777)
	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:211)
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:703)
	at java.security.AccessController.doPrivileged(AccessController.java:362)
	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:700)
	at javax.security.auth.login.LoginContext.login(LoginContext.java:606)
	at org.jboss.as.test.integration.security.picketlink.PicketLinkTestBase.makeCallWithKerberosAuthn(PicketLinkTestBase.java:279)
	at org.jboss.as.test.integration.security.picketlink.SAML2AttributeMappingTestCase.testPassUserPrincipalToAttributeManager(SAML2AttributeMappingTestCase.java:129)

Comment 1 Pavel Jelinek 2014-06-18 06:54:21 UTC

This issue is permanent on IBMJDK 1.7 where org.jboss.as.test.integration.security.loginmodules.negotiation tests are also affected.

Comment 2 Pavel Jelinek 2014-07-22 12:42:47 UTC

*** Bug 1078294 has been marked as a duplicate of this bug. ***

Comment 3 Marek Kopecky 2014-10-14 14:31:59 UTC

OpenJDK 1.6 is affected as well

Comment 4 Marek Kopecky 2015-02-02 08:22:51 UTC

SAML2KerberosAuthenticationTestCase fails too:
https://jenkins.mw.lab.eng.bos.redhat.com/hudson/job/eap-6x-as-testsuite-rhel/46/RELEASE=6.4.0,jdk=ibm1.7,label_exp=eap-sustaining%20&&%20EAP-RHEL7/testReport/

Comment 5 Petr Kremensky 2015-02-03 13:37:51 UTC

List of tests failing on IBM jdk due to:
com.ibm.security.krb5.KrbException, status code: 9 message: The client or server has a null key
--------------------------------------------------------------------------------------------------------------
org.jboss.as.test.integration.security.loginmodules.negotiation.AdvancedLdapLoginModuleTestCase.test1
org.jboss.as.test.integration.security.loginmodules.negotiation.AdvancedLdapLoginModuleTestCase.test2
org.jboss.as.test.integration.security.loginmodules.negotiation.AdvancedLdapLoginModuleTestCase.test3
org.jboss.as.test.integration.security.loginmodules.negotiation.AdvancedLdapLoginModuleTestCase.test4
org.jboss.as.test.integration.security.loginmodules.negotiation.SPNEGOLoginModuleTestCase.testAuthn
org.jboss.as.test.integration.security.loginmodules.negotiation.SPNEGOLoginModuleTestCase.testFormFallback
org.jboss.as.test.integration.security.loginmodules.negotiation.SPNEGOLoginModuleTestCase.testUnsucessfulAuthz
org.jboss.as.test.integration.security.loginmodules.negotiation.SPNEGOLoginModuleTestCase.testIdentityPropagation
org.jboss.as.test.integration.security.picketlink.SAML2AttributeMappingTestCase.testPassUserPrincipalToAttributeManager
org.jboss.as.test.integration.security.picketlink.SAML2KerberosAuthenticationTestCase.testJDukeRoles
org.jboss.as.test.integration.security.picketlink.SAML2KerberosAuthenticationTestCase.testJDukePrincipal