Bhuvi
JCHJava Community | Help. Code. Learn.
•Created by Bhuvi on 9/13/2024 in #java-help
Kerberos, SSO authentication doubt
I have an internal Java 17 spring-boot application with SSO validation using Kerberos and SPNEGO. Our setup includes the following:
AD: Azure AD
KDC: Multiple (Local)
Application Host Server: Azure cloud
Application Server: Tomcat 10.1
For kerberos validation I've created a unique user in AD with admin privileges and enabled AES encryption types (AES-256, AES-128, RC-HMAC) for both the user and the computer. Also generated a keytab file, configured Tomcat with the appropriate credentials, and set up the krb5.ini and jass.conf.ini files.
Despite these configurations, I keep encountering the error: "Unable to decrypt AES-256." No matter what changes I make, the issue persists.
Can anybody guide me on configuring SSO?
11 replies