I have been trying to make an application which needs to bind to LDAP server using GSSAPI using the ticket provided by the Kerberos server. I am using Novell's JLDAP library for this purpose.
I am able to get a ticket from the authentication server but when I try to bind to the Service Server(LDAP in my case ), I get GSSException: Major Status: (589824, Invalid token was supplied), Minor Status: (0, Unknown error) and the bind fails.
The AS(Authentication Server) and SS(Service Server(LDAP server)), both are behind a single proxy. In this case, do they need mutual authentication?
I not sure but it seems my java code is not able to get/recognize/decrypt the token recieved from the AS(Authentication Server). I am providing the mechanism name as "GSSAPI" in the SASL bind method of Novell's LDAPConnection.java
Did anyone face this kind of trouble? What would be the cause and probable solutions for this? Please explain.
