Team, I have a question on Single Sign On using Kerberos Authentication.
We have generated a keytab file for the domain like "POC.MAIL.COM" and our server is hosted on "SW.MAIL.COM". As our application runs on Websphere Application Server, we tried to set the Kerberos configuration as given in the document (page no:167)http://www.redbooks.ibm.com/redbooks/pdfs/sg247771.pdf . We are facing the an error saying that "Cannot get credential for principal service HTTP/[email protected]". Can someone help me in resolving the issue..?
Please post a comment if any additional information is required..
When I try to set the krb5.conf and keytab file on "Kerberos Authentication Mechanism page", we are getting this error.
When I ran the command klist as per your input, I got the output as below
"Key table: /etc/krb5/pocsso.keytab
Number of entries: 1
[1.] principal: HTTP/[email protected] KVNO: 12 "
UPDATE .
Ticket cache: FILE:/tmp/krb5cc_38698 Default principal: [email protected] Valid starting Expires Service principal 01/09/2014 16:15 02/09/2014 02:21 krbtgt/[email protected] renew until 08/09/2014 16:15