Well, thank you so much Darwin, it really works. Thank you so much for your support. I tested on 2 machines, the 1st with Windows 8 and the 2nd with Windows 10, and it works like a charm. Thank you once again. But can you help with only one thing? It works on Google Chrome and on Internet Explorer, but it prompts a dialog box when I run it on Firefox. I also added the trusted negotiation URL but it is still prompting. I will be grateful if you can also help me with this. Thanks. Regards, Talal Qaboos
Yes Darwin, I have requested my support team to arrange a new client machine for me with Windows 8. Currently my client machine is Windows Server 2012 R2.
Hi Darwin, thanks for the reply. Yes, I have set localhost to false. There is no 8080 or 80 port running on the client machine. Here is the output from Internet Explorer:
TCPMon top pane:
    GET /hello_spnego.jsp HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ldc-uat-2:80
    DNT: 1
    Connection: Keep-Alive
TCPMon bottom pane:
    HTTP/1.1 401 Unauthorized
    Server: Apache-Coyote/1.1...
Request from Chrome:
TCPMon top pane:
    GET /hello_spnego.jsp HTTP/1.1
    Host: ldc-uat-2:80
    Connection: keep-alive
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
TCPMon bottom pane:
    HTTP/1.1 401 Unauthorized
    Server: Apache-Coyote/1.1...
If I set spnego.allow.localhost : true in web.xml, then the TCPMon output will be:
TCPMon top pane:
    GET /hello_spnego.jsp HTTP/1.1
    Host: ldc-uat-2:80
    Connection: keep-alive
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
    GET /favicon.ico HTTP/1.1...
setspn.exe -L user.one
    Microsoft Windows [Version 6.3.9600]
    (c) 2013 Microsoft Corporation. All rights reserved.
    C:\Users\uni.app2>setspn.exe -L user.one
    Registered ServicePrincipalNames for CN=user.one,OU=Test Users,DC=uatax,DC=com,DC=pk:
        HTTP/intranet
        HTTP/intranet.uatax.com.pk
        HTTP/ldc-uat-2.uatax.com.pk
        HTTP/ldc-uat-2
    C:\Users\uni.app2>
TCPMon output:
    HTTP/1.1 401 Unauthorized
    Server: Apache-Coyote/1.1
    WWW-Authenticate: Negotiate
    WWW-Authenticate: Basic realm="UATAX.COM.PK"
    Content-Length: 0...
I ran the Java code on my client machine and this is the output:
    import java.net.URL;
    import net.sourceforge.spnego.SpnegoHttpURLConnection;
    public class HelloKeytab {
        public static void main(final String[] args) throws Exception {
            final String username = "uni.app2"; // ex. dfelix
            final String password = "12345678"; // ex. myp@s5
            final String url = "http://ldc-uat-2:8085/hello_spnego.jsp"; // ex. http://medusa:8080/hello_jsp.jsp
            final String module = "spnego-client"; // ex. spnego-client
            System.setProperty("java.security.krb5.conf",...
Sep 30, 2019 4:35:50 PM org.apache.catalina.startup.VersionLoggerListener log
INFO: Server version: Apache Tomcat/7.0.81
Sep 30, 2019 4:35:50 PM org.apache.catalina.startup.VersionLoggerListener log
INFO: Server built: Aug 11 2017 10:21:27 UTC
Sep 30, 2019 4:35:50 PM org.apache.catalina.startup.VersionLoggerListener log
INFO: Server number: 7.0.81.0
Sep 30, 2019 4:35:50 PM org.apache.catalina.startup.VersionLoggerListener log
INFO: OS Name: Windows Server 2012 R2
Sep 30, 2019 4:35:50 PM org.apache.catalina.startup.VersionLoggerListener...
One more thing. On my app server it works fine. It shows me the message without prompting, but when I set "spnego.allow.localhost" to false in web.xml it keeps prompting. Darwin, can you share a screenshot for "Zeus, dfelix" in LDAP? I want to see which key type you have checked.
Hi Darwin, "User One" in CN is my display name. I have changed it to "user.one". My output is:
    PS C:> setspn.exe -Q Http/ldc-uat-2
    Checking domain DC=uatax,DC=com,DC=pk
    CN=user.one,OU=Test Users,DC=uatax,DC=com,DC=pk
        HTTP/intranet
        HTTP/intranet.uatax.com.pk
        HTTP/ldc-uat-2.uatax.com.pk
        HTTP/ldc-uat-2
    Existing SPN found!
    PS C:> setspn.exe -Q Http/ldc-uat-2.uatax.com.pk
    Checking domain DC=uatax,DC=com,DC=pk
    CN=user.one,OU=Test Users,DC=uatax,DC=com,DC=pk
        HTTP/intranet
        HTTP/intranet.uatax.com.pk
        HTTP/ldc-uat-2.uatax.com.pk...
Hi Darwin, tell me something. Is spnego k sensitive? Because as per your link http://spnego.sourceforge.net/spnego_tomcat.html you use a small "z" in web.xml for spnego.preauth.username, but in the SPN registration commands you write zeus like this, "Zeus":
    setspn.exe -A HTTP/medusa Zeus
    setspn.exe -A HTTP/medusa.athena.local Zeus
    setspn.exe -A HTTP/intranet Zeus
    setspn.exe -A HTTP/intranet.kerbtek.com Zeus
Is there any difference between the two? Thanks in advance.
Hi Darwin, I have modified the web.xml by giving the paths of the "krb.conf" and "login.conf" files, and these are the outputs of the commands you asked me to run. I ran these commands on the LDAP machine.
    PS C:> setspn.exe -Q Http/ldc-uat-2
    Checking domain DC=uatax,DC=com,DC=pk
    CN=User One,OU=Test Users,DC=uatax,DC=com,DC=pk
        HTTP/intranet
        HTTP/intranet.uatax.com.pk
        HTTP/ldc-uat-2.uatax.com.pk
        HTTP/ldc-uat-2
    Existing SPN found!
    PS C:> setspn.exe -Q Http/ldc-uat-2.uatax.com.pk
    Checking domain DC=uatax,DC=com,DC=pk
    CN=User...
Need to add something more:
    My LDAP machine is Windows Server 2012 R2, KDC = ex.uatax.com.pk, service account user.one
    My HTTP machine is Windows Server 2012 R2, FQDN = LDC-UAT-2, username = uni.app2
    My CLIENT machine is Windows Server 2012 R2, FQDN = LDC-UAT-1, username = uni.app1
    All machines and users are in the domain UATAX.COM.PK
I have 3 machines: 1- LDAP, 2- Apache or server, 3- client machine. I have created a service account in LDAP with a username like "user.one" and a password that never expires. Then on my client machine I placed krb5.conf, login.conf, spnego.jar and HelloKDC.java in the C: folder and tested it. The result was successful. Now I have installed Apache 7 on my server machine in the same domain, with FQDN "ldc-uat-2" and domain "uatax.com.pk". I copied the krb5 and login files into the conf folder of Apache and placed the spnego.jar file in the lib folder...
Hi, I have done all the steps mentioned in your link for Apache Tomcat 7. 1st, tell me what intranet.kerbtek.com is. 2nd, it keeps prompting the login credential dialog on the client machine. Help me. Thanks.