APAR status
Closed as program error.
Error description
Error Message: com.ibm.security.krb5.KrbException, status code: 0 message: Key etype did not match the etype in encPart. . Stack Trace: at com.ibm.security.krb5.KrbAsRep.<init>(KrbAsRep.java:33) at com.ibm.security.krb5.KrbAsReq.getReply(KrbAsReq.java:199) at com.ibm.security.krb5.internal.tools.Kinit.a(Kinit.java:161) at com.ibm.security.krb5.internal.tools.Kinit.<init>(Kinit.java:88) . N/A
Local fix
1. Use keytab with single key inside 2. Use LoginContext with com.ibm.security.auth.module.Krb5LoginModule to login
Problem summary
The problem happens because a wrong key might be picked when there are multiple keys in keytab
Problem conclusion
This defect will be fixed in: 6.0.0 SR15FP2 6.0.1 SR7FP2 5.0.0 SR16FP6 . A fix is made to IBMJGSS to use the key with correct etype from the keytab The associated Hursley CMVC defect is 201419 The associated Austin CMVC defect is 115133 JVMs affected: Java 5.0, Java 6.0 and Java 626 The fix was delivered for Java 5.0 SR16FP6, Java 6.0 SR15FP2 and Java 626 SR7FP2. The affected jar is "ibmjgssprovider.jar". The build level of this jar for the affected releases is "20131206"
Temporary fix
Comments
APAR Information
APAR number
IV53438
Reported component name
SECURITY
Reported component ID
620700125
Reported release
600
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2013-12-17
Closed date
2013-12-17
Last modified date
2013-12-31
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
SECURITY
Fixed component ID
620700125
Applicable component levels
R600 PSY
UP
R260 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"6.0","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]
Document Information
Modified date:
07 December 2020