java调试Kerberos,输出登陆信息

在代码中添加:
System.setProperty(“sun.security.krb5.debug”, “true”);
可以得到如下信息:

Java config name: D:/krb5181.conf
Loaded from Java config
Java config name: D:/krb5181.conf
Loaded from Java config
>>> KdcAccessibility: reset
>>> KdcAccessibility: reset
>>> KeyTabInputStream, readName(): HDSC.COM
>>> KeyTabInputStream, readName(): hdfs
>>> KeyTab: load() entry length: 47; type: 23
>>> KeyTabInputStream, readName(): HDSC.COM
>>> KeyTabInputStream, readName(): hdfs
>>> KeyTab: load() entry length: 55; type: 16
>>> KeyTabInputStream, readName(): HDSC.COM
>>> KeyTabInputStream, readName(): hdfs
>>> KeyTab: load() entry length: 39; type: 1
Looking for keys for: hdfs@HDSC.COM
Found unsupported keytype (1) for hdfs@HDSC.COM
Added key: 16version: 2
Added key: 23version: 2
Looking for keys for: hdfs@HDSC.COM
Found unsupported keytype (1) for hdfs@HDSC.COM
Added key: 16version: 2
Added key: 23version: 2
Using builtin default etypes for default_tkt_enctypes
default etypes for default_tkt_enctypes: 17 16 23.
>>> KrbAsReq creating message
>>> KrbKdcReq send: kdc=192.168.0.181 UDP:88, timeout=30000, number of retries =3, #bytes=126
>>> KDCCommunication: kdc=192.168.0.181 UDP:88, timeout=30000,Attempt =1, #bytes=126
>>> KrbKdcReq send: #bytes read=325
>>>Pre-Authentication Data:
     PA-DATA type = 136

>>>Pre-Authentication Data:
     PA-DATA type = 11
     PA-ETYPE-INFO etype = 23, salt = HDSC.COMhdfs
     PA-ETYPE-INFO etype = 16, salt = HDSC.COMhdfs

>>>Pre-Authentication Data:
     PA-DATA type = 19
     PA-ETYPE-INFO2 etype = 23, salt = HDSC.COMhdfs, s2kparams = null
     PA-ETYPE-INFO2 etype = 16, salt = HDSC.COMhdfs, s2kparams = null

>>>Pre-Authentication Data:
     PA-DATA type = 2
     PA-ENC-TIMESTAMP
>>>Pre-Authentication Data:
     PA-DATA type = 133

>>> KdcAccessibility: remove 192.168.0.181
>>> KDCRep: init() encoding tag is 126 req type is 11
>>>KRBError:
     cTime is Sun Apr 11 11:53:40 CST 1993 734500420000
     sTime is Tue May 08 16:29:07 CST 2018 1525768147000
     suSec is 616175
     error code is 25
     error Message is Additional pre-authentication required
     cname is hdfs@HDSC.COM
     sname is krbtgt/HDSC.COM@HDSC.COM
     eData provided.
     msgType is 30
>>>Pre-Authentication Data:
     PA-DATA type = 136

>>>Pre-Authentication Data:
     PA-DATA type = 11
     PA-ETYPE-INFO etype = 23, salt = HDSC.COMhdfs
     PA-ETYPE-INFO etype = 16, salt = HDSC.COMhdfs

>>>Pre-Authentication Data:
     PA-DATA type = 19
     PA-ETYPE-INFO2 etype = 23, salt = HDSC.COMhdfs, s2kparams = null
     PA-ETYPE-INFO2 etype = 16, salt = HDSC.COMhdfs, s2kparams = null

>>>Pre-Authentication Data:
     PA-DATA type = 2
     PA-ENC-TIMESTAMP
>>>Pre-Authentication Data:
     PA-DATA type = 133

KRBError received: NEEDED_PREAUTH
KrbAsReqBuilder: PREAUTH FAILED/REQ, re-send AS-REQ
Using builtin default etypes for default_tkt_enctypes
default etypes for default_tkt_enctypes: 17 16 23.
Looking for keys for: hdfs@HDSC.COM
Found unsupported keytype (1) for hdfs@HDSC.COM
Added key: 16version: 2
Added key: 23version: 2
Looking for keys for: hdfs@HDSC.COM
Found unsupported keytype (1) for hdfs@HDSC.COM
Added key: 16version: 2
Added key: 23version: 2
Using builtin default etypes for default_tkt_enctypes
default etypes for default_tkt_enctypes: 17 16 23.
>>> EType: sun.security.krb5.internal.crypto.ArcFourHmacEType
>>> KrbAsReq creating message
>>> KrbKdcReq send: kdc=192.168.0.181 UDP:88, timeout=30000, number of retries =3, #bytes=211
>>> KDCCommunication: kdc=192.168.0.181 UDP:88, timeout=30000,Attempt =1, #bytes=211
>>> KrbKdcReq send: #bytes read=675
>>> KdcAccessibility: remove 192.168.0.181
Looking for keys for: hdfs@HDSC.COM
Found unsupported keytype (1) for hdfs@HDSC.COM
Added key: 16version: 2
Added key: 23version: 2
>>> EType: sun.security.krb5.internal.crypto.Des3CbcHmacSha1KdEType
>>> KrbAsRep cons in KrbAsReq.getReply hdfs
18/05/08 16:29:07 INFO security.UserGroupInformation: Login successful for user hdfs@HDSC.COM using keytab file D:/hdfs181.keytab
展开阅读全文

没有更多推荐了,返回首页