WNA JAZN Kerberos Initialization Fails with Error "No Valid Credentials Provided" but KINIT Works
(Doc ID 397203.1)
Last updated on NOVEMBER 15, 2019
Applies to:Oracle Application Server Single Sign-On - Version 10.1.2.0.2 to 10.1.4.3 [Release 10gR2 to 10gR3]
Information in this document applies to any platform.
***Checked for relevance on 06-NOV-2019***
- Accessing any SSO protected application after enabling WNA fails with error HTTP 500
- The file $ORACLE_HOME/opmn/logs/OC4J~OC4J_SECURITY~default_island~1 shows after enabling JAZN debugging [described in the troubleshooting section of article 264666.1] that a lower case Active Domain is used, for example: principal is HTTP/<SSO_SERVERNAME>@<ACTIVE_DIRECTORY_DOMAIN>
- kinit HTTP/<SSO_SERVERNAME> is successful
- krb5.conf/krb5.ini contains the Active Directory Domain in upper case
- klist -k -e -K -t <PATH>/<KEYTAB_FILE_NAME> shows also an upper case AD domain
Configuration of Windows Native Authentication ( WNA )
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document