Unable to authenticate using "KERBEROS AUTHENTICATION SCHEME"

TestSolace

Hi Team,
When i am trying to connect to a session using Kerberos Authentication Scheme.
It throws Unauthorized Login failure error.
can anyone please tell me what must have been missing?
Below is the list of Session Properties i am passing to connect to the session. I am using C API.
propIndex =0;
sessionProps[propIndex++] = SOLCLIENT_SESSION_PROP_HOST;
sprintf(SOLClientSessionPropHost, "wss://%s.test123.com:443", appliance);
sessionProps[propIndex++] = SOLClientSessionPropHost;
sessionProps[propIndex++] = SOLCLIENT_SESSION_PROP_SSL_TRUST_STORE_DIR;
sessionProps[propIndex++] = "Path";
sessionProps[propIndex++] = SOLCLIENT_SESSION_PROP_VPN_NAME;
sessionProps[propIndex++] = "TEST";
sessionProps[propIndex++] = SOLCLIENT_SESSION_PROP_AUTHENTICATION_SCHEME;
sessionProps[propIndex++] = SOLCLIENT_SESSION_PROP_AUTHENTICATION_SCHEME_BASIC;
sessionProps[propIndex++] = SOLCLIENT_SESSION_PROP_AUTHENTICATION_SCHEME;
sessionProps[propIndex++] = SOLCLIENT_SESSION_PROP_AUTHENTICATION_SCHEME_GSS_KRB;
sessionProps[propIndex++] = SOLCLIENT_SESSION_PROP_GUARANTEED_WITH_WEB_TRANSPORT;
sessionProps[propIndex++] = SOLCLIENT_PROP_ENABLE_VAL;
sessionProps[propIndex++] = SOLCLIENT_SESSION_PROP_TCP_NODELAY;
sessionProps[propIndex++] = "1";
sessionProps[propIndex++] = SOLCLIENT_SESSION_PROP_REAPPLY_SUBSCRIPTIONS;
sessionProps[propIndex++] = SOLCLIENT_PROP_ENABLE_VAL;
sessionProps[propIndex++] = SOLCLIENT_SESSION_PROP_SUBSCRIBE_BLOCKING;
sessionProps[propIndex++] = SOLCLIENT_PROP_DISABLE_VAL;
sessionProps[propIndex++] = SOLCLIENT_SESSION_PROP_CONNECT_BLOCKING;
sessionProps[propIndex++] = SOLCLIENT_PROP_ENABLE_VAL;
sessionProps[propIndex++] = SOLCLIENT_SESSION_PROP_CONNECT_RETRIES;
sessionProps[propIndex++] = "2";
sessionProps[propIndex++] = SOLCLIENT_SESSION_PROP_RECONNECT_RETRY_WAIT_MS;
SessionProps[propIndex++] = "5000";

The error response code is 401.
Thanks

Ragnar

Is there an Information string with the 401? Usually the broker send 403 errors for authentication problems.

TestSolace

Hi @Ragnar ,
Yes, there is an information string attached to it which is "Unauthenticated Authentication Not allowed". The response code is 401 and not 403.
Thanks.

Ragnar

This error is returned from the broker when configured to LDAP for authorization. It would appear that the Kerberos authentication worked or was ignored. It could be ignored if you have configured Basic Authentication on the broker and allowed no password. Then LDAP would fail. If the broker is configured properly for Kerberos authentication and it is still failing this way, it may be the combination of Kerberos and LDAP is not currently supported.