VOOZH about

URL: https://www.ibm.com/support/pages/apar/IV81240

⇱ IV81240: JGSS'S DOES NOT HANDLE EXCEPTION PROPERLY WHEN RETRIEVING TGT.

IV81240: JGSS'S DOES NOT HANDLE EXCEPTION PROPERLY WHEN RETRIEVING TGT.

APAR status

  • Closed as program error.

Error description

  • Error Message: Kerberos authentication failed in Java 8.
.
Stack Trace: <OSB>JGSS_DBG_CRED<CSB> Worker-0 Retrieving
Kerberos creds from cache for principal=null
Kerberos Principal Name: org.ietf.jgss.GSSException, major code:
11, minor code: 0
 major string: General failure, unspecified at GSSAPI level
 minor string: Error obtaining kerberos credentials:
java.security.PrivilegedActionException:
javax.security.auth.login.LoginException: java.io.IOException:
Not enough storage is available to process this command.
 at
com.ibm.security.jgss.i18n.I18NException.throwGSSException(I18NE
xception.java:17)
 at com.ibm.security.jgss.mech.krb5.s.a(s.java:348)
 at com.ibm.security.jgss.mech.krb5.s.a(s.java:256)
 at com.ibm.security.jgss.mech.krb5.s.a(s.java:193)
 at com.ibm.security.jgss.mech.krb5.s.<init>(s.java:97)
 at
com.ibm.security.jgss.mech.krb5.Krb5MechFactory.getCredentialEle
ment(Krb5MechFactory.java:10)
 at
com.ibm.security.jgss.GSSManagerImpl.createMechCredential(GSSMan
agerImpl.java:36)
 at
com.ibm.security.jgss.mech.spnego.SPNEGOContext.a(SPNEGOContext.
java:193)
 at
com.ibm.security.jgss.mech.spnego.SPNEGOContext.a(SPNEGOContext.
java:30)
 at
com.ibm.security.jgss.mech.spnego.SPNEGOContext.a(SPNEGOContext.
java:140)
 at
com.ibm.security.jgss.mech.spnego.SPNEGOContext.a(SPNEGOContext.
java:308)
 at
com.ibm.security.jgss.mech.spnego.SPNEGOContext.a(SPNEGOContext.
java:413)
 at
com.ibm.security.jgss.mech.spnego.SPNEGOContext.initSecContext(S
PNEGOContext.java:535)
 at
com.ibm.security.jgss.GSSContextImpl.initSecContext(GSSContextIm
pl.java:182)
 at
com.ibm.security.jgss.GSSContextImpl.initSecContext(GSSContextIm
pl.java:157)
.
This issue only happens in Java 8.

Local fix



Problem summary


    

  • The underlying IO (java.io.FileInputStream) throwed an exception
when retrieving TGT. This exception is not caught by JGSS. Hence
the authentication failed.



Problem conclusion


    

  • Catch and process the exception at JGSS level.
The corresponding Austin defect is 117154.
The corresponding RTC Problem Report is 107638.
Platform affected: All platforms.
JVMs affected: 8.0.
Jars affected: ibmjgssprovider.jar.
The fix will be available in 180_SR3.
Build level is 20160205.
.
This APAR will be fixed in the following Java Releases:
 8 SR3 (8.0.3.0)
.
Contact your IBM Product's Service Team for these Service
Refreshes and Fix Packs.
For those running stand-alone, information about the available
Service Refreshes and Fix Packs can be found at:
 https://www.ibm.com/developerworks/java/jdk/



Temporary fix


    



Comments


    



APAR Information




    

  • APAR number
    IV81240
    • 

  • Reported component name
    SECURITY
    • 

  • Reported component ID
    620700125
    • 

  • Reported release
    270
    • 

  • Status
    CLOSED PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2016-02-06
    • 

  • Closed date
    2016-02-10
    • 

  • Last modified date
    2016-02-10
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 




    

  • Fixed component name
    SECURITY
    • 

  • Fixed component ID
    620700125
    • 



Applicable component levels


    

  • R270 PSY
       UP
    • 







 
 
 
 

 [{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"270","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]
 

 

 
 
 

 

 

 

 

 

 
Document Information


 

 

 Modified date:
 

 07 December 2020