spnego.jar 从 Java 7 切换到 Java 8 转换异常
spnego.jar switch from Java 7 to Java 8 cast exception
我在 web.xml 中使用 dfelix 的 spnego.jar 和 Glassfish 4.1 作为过滤器。我在项目论坛上问了这个问题,但没有收到回复。
我想从 Java 1.7.0_45 切换到 1.8.0_45 (也尝试过其他 1.8 版本)。打开测试环境后,我收到如下所示的错误。还尝试了一个简单的单独案例 Java 也收到案例异常。
我使用与 1.7 中相同的 krb5.conf(下图)、login.conf 和 keytab 文件。
它与 Java 1.8 不兼容吗?
[glassfish 4.1] [SEVERE] [] [javax.enterprise.web] [tid: _ThreadID=16 _ThreadName=RunLevelControllerThread-1431425761516] [timeMillis: 1431425776202] [levelValue: 1000] [[
WebModule[/ax]Exception starting filter SpnegoHttpFilter
java.lang.InstantiationException
at org.apache.catalina.core.ApplicationFilterConfig.(ApplicationFilterConfig.java:135)
at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:5329)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:5943)
at com.sun.enterprise.web.WebModule.start(WebModule.java:691)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:1041)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:1024)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:747)
at com.sun.enterprise.web.WebContainer.loadWebModule(WebContainer.java:2286)
at com.sun.enterprise.web.WebContainer.loadWebModule(WebContainer.java:1932)
at com.sun.enterprise.web.WebApplication.start(WebApplication.java:139)
at org.glassfish.internal.data.EngineRef.start(EngineRef.java:122)
at org.glassfish.internal.data.ModuleInfo.start(ModuleInfo.java:291)
at org.glassfish.internal.data.ApplicationInfo.start(ApplicationInfo.java:352)
at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:500)
at com.sun.enterprise.v3.server.ApplicationLoaderService.processApplication(ApplicationLoaderService.java:406)
at com.sun.enterprise.v3.server.ApplicationLoaderService.postConstruct(ApplicationLoaderService.java:243)
at org.jvnet.hk2.internal.ClazzCreator.postConstructMe(ClazzCreator.java:329)
at org.jvnet.hk2.internal.ClazzCreator.create(ClazzCreator.java:377)
at org.jvnet.hk2.internal.SystemDescriptor.create(SystemDescriptor.java:461)
at org.glassfish.hk2.runlevel.internal.AsyncRunLevelContext.findOrCreate(AsyncRunLevelContext.java:227)
at org.glassfish.hk2.runlevel.RunLevelContext.findOrCreate(RunLevelContext.java:84)
at org.jvnet.hk2.internal.Utilities.createService(Utilities.java:2258)
at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:105)
at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:87)
at org.glassfish.hk2.runlevel.internal.CurrentTaskFuture$QueueRunner.oneJob(CurrentTaskFuture.java:1162)
at org.glassfish.hk2.runlevel.internal.CurrentTaskFuture$QueueRunner.run(CurrentTaskFuture.java:1147)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.servlet.ServletException: javax.security.auth.login.LoginException: java.lang.IllegalArgumentException: java.lang.ClassCastException: java.util.Vector cannot be cast to java.util.Hashtable
at sun.security.krb5.Config.get0(Config.java:287)
at sun.security.krb5.Config.getString0(Config.java:268)
at sun.security.krb5.Config.getAll(Config.java:240)
at sun.security.krb5.Config.getKDCList(Config.java:1030)
at sun.security.krb5.KdcComm.send(KdcComm.java:218)
at sun.security.krb5.KdcComm.send(KdcComm.java:200)
at sun.security.krb5.KrbAsReqBuilder.send(KrbAsReqBuilder.java:316)
at sun.security.krb5.KrbAsReqBuilder.action(KrbAsReqBuilder.java:361)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:776)
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:617)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
at javax.security.auth.login.LoginContext.access[=15=]0(LoginContext.java:195)
at javax.security.auth.login.LoginContext.run(LoginContext.java:682)
at javax.security.auth.login.LoginContext.run(LoginContext.java:680)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
at net.sourceforge.spnego.SpnegoAuthenticator.(SpnegoAuthenticator.java:161)
at net.sourceforge.spnego.SpnegoHttpFilter.init(SpnegoHttpFilter.java:196)
at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:275)
at org.apache.catalina.core.ApplicationFilterConfig.(ApplicationFilterConfig.java:131)
at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:5329)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:5943)
at com.sun.enterprise.web.WebModule.start(WebModule.java:691)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:1041)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:1024)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:747)
at com.sun.enterprise.web.WebContainer.loadWebModule(WebContainer.java:2286)
at com.sun.enterprise.web.WebContainer.loadWebModule(WebContainer.java:1932)
at com.sun.enterprise.web.WebApplication.start(WebApplication.java:139)
at org.glassfish.internal.data.EngineRef.start(EngineRef.java:122)
at org.glassfish.internal.data.ModuleInfo.start(ModuleInfo.java:291)
at org.glassfish.internal.data.ApplicationInfo.start(ApplicationInfo.java:352)
at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:500)
at com.sun.enterprise.v3.server.ApplicationLoaderService.processApplication(ApplicationLoaderService.java:406)
at com.sun.enterprise.v3.server.ApplicationLoaderService.postConstruct(ApplicationLoaderService.java:243)
at org.jvnet.hk2.internal.ClazzCreator.postConstructMe(ClazzCreator.java:329)
at org.jvnet.hk2.internal.ClazzCreator.create(ClazzCreator.java:377)
at org.jvnet.hk2.internal.SystemDescriptor.create(SystemDescriptor.java:461)
at org.glassfish.hk2.runlevel.internal.AsyncRunLevelContext.findOrCreate(AsyncRunLevelContext.java:227)
at org.glassfish.hk2.runlevel.RunLevelContext.findOrCreate(RunLevelContext.java:84)
at org.jvnet.hk2.internal.Utilities.createService(Utilities.java:2258)
at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:105)
at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:87)
at org.glassfish.hk2.runlevel.internal.CurrentTaskFuture$QueueRunner.oneJob(CurrentTaskFuture.java:1162)
at org.glassfish.hk2.runlevel.internal.CurrentTaskFuture$QueueRunner.run(CurrentTaskFuture.java:1147)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
login.conf:
spnego-server {
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=true
keyTab="ax.keytab"
principal=development
storeKey=true;
};
krb5.conf
[libdefaults]
default_realm = LOC.COM
default_tkt_enctypes = aes256-cts aes128-cts rc4-hmac des3-cbc-sha1 des-cbc-md5 des-cbc-crc
default_tgs_enctypes = aes256-cts aes128-cts rc4-hmac des3-cbc-sha1 des-cbc-md5 des-cbc-crc
permitted_enctypes = aes256-cts aes128-cts rc4-hmac des3-cbc-sha1 des-cbc-md5 des-cbc-crc
forwardable = true
udp_preference_limit = 1
[realms]
LOC.COM = { KDC = ax.loc.com default_domain = LOC.COM }
[domain_realm]
.loc.com = LOC.COM
loc.com = LOC.COM
ax.loc.com = AX.LOC.COM
您需要像这样重新格式化 krb5.conf 的 [realms] 部分:
[realms]
LOC.COM = {
KDC = ax.loc.com
default_domain = LOC.COM
}
JDK8 中的 krb5.conf 解析有一些变化,JDK-7184246 : Simplify Config.get() of krb5 looks interesting. The diff 显示 krb5.conf 的逐行处理发生了重大变化。这似乎使您的文件在 JDK7 下可解析,在 JDK8 下无法解析。我认为它现在希望在自己的行上看到右大括号。
我认为 krb5.conf 没有严格的规范,但大多数示例在各自的行上显示大括号,并且每行只显示一个赋值。
我在 web.xml 中使用 dfelix 的 spnego.jar 和 Glassfish 4.1 作为过滤器。我在项目论坛上问了这个问题,但没有收到回复。
我想从 Java 1.7.0_45 切换到 1.8.0_45 (也尝试过其他 1.8 版本)。打开测试环境后,我收到如下所示的错误。还尝试了一个简单的单独案例 Java 也收到案例异常。
我使用与 1.7 中相同的 krb5.conf(下图)、login.conf 和 keytab 文件。
它与 Java 1.8 不兼容吗?
[glassfish 4.1] [SEVERE] [] [javax.enterprise.web] [tid: _ThreadID=16 _ThreadName=RunLevelControllerThread-1431425761516] [timeMillis: 1431425776202] [levelValue: 1000] [[ WebModule[/ax]Exception starting filter SpnegoHttpFilter
java.lang.InstantiationException at org.apache.catalina.core.ApplicationFilterConfig.(ApplicationFilterConfig.java:135)
at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:5329)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:5943) at com.sun.enterprise.web.WebModule.start(WebModule.java:691)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:1041)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:1024)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:747)
at com.sun.enterprise.web.WebContainer.loadWebModule(WebContainer.java:2286)
at com.sun.enterprise.web.WebContainer.loadWebModule(WebContainer.java:1932)
at com.sun.enterprise.web.WebApplication.start(WebApplication.java:139)
at org.glassfish.internal.data.EngineRef.start(EngineRef.java:122)
at org.glassfish.internal.data.ModuleInfo.start(ModuleInfo.java:291)
at org.glassfish.internal.data.ApplicationInfo.start(ApplicationInfo.java:352)
at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:500)
at com.sun.enterprise.v3.server.ApplicationLoaderService.processApplication(ApplicationLoaderService.java:406)
at com.sun.enterprise.v3.server.ApplicationLoaderService.postConstruct(ApplicationLoaderService.java:243)
at org.jvnet.hk2.internal.ClazzCreator.postConstructMe(ClazzCreator.java:329)
at org.jvnet.hk2.internal.ClazzCreator.create(ClazzCreator.java:377)
at org.jvnet.hk2.internal.SystemDescriptor.create(SystemDescriptor.java:461)
at org.glassfish.hk2.runlevel.internal.AsyncRunLevelContext.findOrCreate(AsyncRunLevelContext.java:227)
at org.glassfish.hk2.runlevel.RunLevelContext.findOrCreate(RunLevelContext.java:84)
at org.jvnet.hk2.internal.Utilities.createService(Utilities.java:2258)
at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:105)
at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:87)
at org.glassfish.hk2.runlevel.internal.CurrentTaskFuture$QueueRunner.oneJob(CurrentTaskFuture.java:1162)
at org.glassfish.hk2.runlevel.internal.CurrentTaskFuture$QueueRunner.run(CurrentTaskFuture.java:1147)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.servlet.ServletException: javax.security.auth.login.LoginException: java.lang.IllegalArgumentException: java.lang.ClassCastException: java.util.Vector cannot be cast to java.util.Hashtable
at sun.security.krb5.Config.get0(Config.java:287)
at sun.security.krb5.Config.getString0(Config.java:268)
at sun.security.krb5.Config.getAll(Config.java:240)
at sun.security.krb5.Config.getKDCList(Config.java:1030)
at sun.security.krb5.KdcComm.send(KdcComm.java:218)
at sun.security.krb5.KdcComm.send(KdcComm.java:200)
at sun.security.krb5.KrbAsReqBuilder.send(KrbAsReqBuilder.java:316)
at sun.security.krb5.KrbAsReqBuilder.action(KrbAsReqBuilder.java:361)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:776)
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:617)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
at javax.security.auth.login.LoginContext.access[=15=]0(LoginContext.java:195)
at javax.security.auth.login.LoginContext.run(LoginContext.java:682)
at javax.security.auth.login.LoginContext.run(LoginContext.java:680)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
at net.sourceforge.spnego.SpnegoAuthenticator.(SpnegoAuthenticator.java:161)
at net.sourceforge.spnego.SpnegoHttpFilter.init(SpnegoHttpFilter.java:196)
at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:275)
at org.apache.catalina.core.ApplicationFilterConfig.(ApplicationFilterConfig.java:131)
at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:5329)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:5943)
at com.sun.enterprise.web.WebModule.start(WebModule.java:691)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:1041)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:1024)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:747)
at com.sun.enterprise.web.WebContainer.loadWebModule(WebContainer.java:2286)
at com.sun.enterprise.web.WebContainer.loadWebModule(WebContainer.java:1932)
at com.sun.enterprise.web.WebApplication.start(WebApplication.java:139)
at org.glassfish.internal.data.EngineRef.start(EngineRef.java:122)
at org.glassfish.internal.data.ModuleInfo.start(ModuleInfo.java:291)
at org.glassfish.internal.data.ApplicationInfo.start(ApplicationInfo.java:352)
at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:500)
at com.sun.enterprise.v3.server.ApplicationLoaderService.processApplication(ApplicationLoaderService.java:406)
at com.sun.enterprise.v3.server.ApplicationLoaderService.postConstruct(ApplicationLoaderService.java:243)
at org.jvnet.hk2.internal.ClazzCreator.postConstructMe(ClazzCreator.java:329)
at org.jvnet.hk2.internal.ClazzCreator.create(ClazzCreator.java:377)
at org.jvnet.hk2.internal.SystemDescriptor.create(SystemDescriptor.java:461)
at org.glassfish.hk2.runlevel.internal.AsyncRunLevelContext.findOrCreate(AsyncRunLevelContext.java:227)
at org.glassfish.hk2.runlevel.RunLevelContext.findOrCreate(RunLevelContext.java:84)
at org.jvnet.hk2.internal.Utilities.createService(Utilities.java:2258)
at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:105)
at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:87)
at org.glassfish.hk2.runlevel.internal.CurrentTaskFuture$QueueRunner.oneJob(CurrentTaskFuture.java:1162)
at org.glassfish.hk2.runlevel.internal.CurrentTaskFuture$QueueRunner.run(CurrentTaskFuture.java:1147)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
login.conf:
spnego-server {
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=true
keyTab="ax.keytab"
principal=development
storeKey=true;
};
krb5.conf
[libdefaults]
default_realm = LOC.COM
default_tkt_enctypes = aes256-cts aes128-cts rc4-hmac des3-cbc-sha1 des-cbc-md5 des-cbc-crc
default_tgs_enctypes = aes256-cts aes128-cts rc4-hmac des3-cbc-sha1 des-cbc-md5 des-cbc-crc
permitted_enctypes = aes256-cts aes128-cts rc4-hmac des3-cbc-sha1 des-cbc-md5 des-cbc-crc
forwardable = true
udp_preference_limit = 1
[realms]
LOC.COM = { KDC = ax.loc.com default_domain = LOC.COM }
[domain_realm]
.loc.com = LOC.COM
loc.com = LOC.COM
ax.loc.com = AX.LOC.COM
您需要像这样重新格式化 krb5.conf 的 [realms] 部分:
[realms]
LOC.COM = {
KDC = ax.loc.com
default_domain = LOC.COM
}
JDK8 中的 krb5.conf 解析有一些变化,JDK-7184246 : Simplify Config.get() of krb5 looks interesting. The diff 显示 krb5.conf 的逐行处理发生了重大变化。这似乎使您的文件在 JDK7 下可解析,在 JDK8 下无法解析。我认为它现在希望在自己的行上看到右大括号。
我认为 krb5.conf 没有严格的规范,但大多数示例在各自的行上显示大括号,并且每行只显示一个赋值。