WNA JAZN Kerberos Initialization Fails with Error "No Valid Credentials Provided" but KINIT Works
(Doc ID 397203.1)
Last updated on MARCH 01, 2023
Oracle Application Server Single Sign-On - Version 10.1.2.0.2 to 10.1.4.3 [Release 10gR2 to 10gR3] Information in this document applies to any platform.
Accessing any SSO protected application after enabling WNA fails with error HTTP 500
The file $ORACLE_HOME/opmn/logs/OC4J~OC4J_SECURITY~default_island~1 shows after enabling JAZN debugging [described in the troubleshooting section of article 264666.1] that a lower case Active Domain is used, for example: principal is HTTP/<SSO_SERVERNAME>@<ACTIVE_DIRECTORY_DOMAIN>
kinit HTTP/<SSO_SERVERNAME> is successful
krb5.conf/krb5.ini contains the Active Directory Domain in upper case
klist -k -e -K -t <PATH>/<KEYTAB_FILE_NAME> shows also an upper case AD domain
Configuration of Windows Native Authentication ( WNA )
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!