<filter>

<filter-name>authFilter</filter-name>

<filter-class>com.hulamuba.rtr.authentication.qsj.SsoAndFormsAuthFilter</filter-class>

<init-param>

   <param-name>idm.sso.forms.allowUnsecured</param-name>

   <param-value>true</param-value>

<init-param>

   <param-name>idm.sso.forms.login-action</param-name>

   <param-value>/login-action.vsj</param-value>

</filter>




May 25, 2011 7:06:20 AM org.apache.catalina.core.AprLifecycleListener init
INFO: The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: C:\Program Files\Java\jdk1.5.0_11\jre\bin;.;C:\WINDOWS\system32;C:\WINDOWS;C:/Program Files/Java/jre6/bin/client;C:/Program Files/Java/jre6/bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Attachmate\INFOCNEE\;C:\Program Files\Attachmate\INFOCNEE\Accmgr32;C:\SFU\common\;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\GuardianEdge\GuardianEdge Clients\;D:\Program Files\Rational\ClearCase\bin;c:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\VanDyke Software\Clients\;D:\Program Files\IBM\RationalSDLC\ClearCase\bin;D:\Program Files\IBM\RationalSDLC\common
May 25, 2011 7:06:20 AM org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
May 25, 2011 7:06:20 AM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 646 ms
May 25, 2011 7:06:20 AM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
May 25, 2011 7:06:20 AM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/6.0.14
2011-05-25 07:06:28,625 [DEBUG] [com.dstc.security.util.logging.CommonsLogWrapper] loading license idm.sso.license
2011-05-25 07:06:28,641 [DEBUG] [com.dstc.security.util.logging.CommonsLogWrapper] verifying license for module 'idm.sso'
2011-05-25 07:06:28,969 [DEBUG] [com.wedgetail.idm.sso.util.CommonsSsoLogger] Configuring VSJ service principal from idm.principalAtRealm
2011-05-25 07:06:28,969 [DEBUG] [com.wedgetail.idm.sso.util.CommonsSsoLogger] VSJ Standard Edition 3.3 Patch-3548
Initial Parameters -
 VSJ service principal:TESTQSJsvc@DSTEST.HULAMUBA.COM
 kdc:-- no value assigned --
 site:-- no value assigned --
 keytab:-- no value assigned --
 ccache:-- no value assigned --
 allowUnsecured:true
 allowFallback:false
 fallbackCrossRealm:false
 allowNTLM:true
 allowS4U:false
 ntlm.signing.domain  : -- no value assigned --
 ntlm.signing.username: -- no value assigned --
 ntlm.signing.password: -- no value assigned --
 ntlm.signing.always  : false
 ntlm.crossForest: false
 externalTrusts  : -- no value assigned --
 userHandledExcept:false
 policy: -- no value assigned --
 groupsAsRoles: false
 supportMultipleSPN: false
 disableTicketSanityCheck: false
 disableDefaultKrbConfig: false
 disableSpnegoChallenge: false
 flushAuthenticationChallenge: false
 shutdownOnDestroy: false
 trimUnsolicitedBasic: false
 trimUnsolicitedNTLM: false
 trimUnsolicitedSPNEGO: false
 userPrincipalAttribute: -- no value assigned --
 qualifyUserPrincipal: true
 userPrincipalFormatterClass: -- no value assigned --
 directoryFactory: -- no value assigned --
 password: set from idm.password
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos: Found name servers using JNDI
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos: nct0010vpdnsca1.nc.no.HULAMUBA.COM (162.205.245.232)
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos: nct0010vpdnsca2.nc.no.HULAMUBA.COM (162.205.245.231)
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos: det0190vpdnsca1.dcc.HULAMUBA.COM (162.205.87.228)
2011-05-25 07:06:29,719 [DEBUG] [com.dstc.security.util.logging.CommonsLogWrapper] loading license jcsi.kerberos.license
2011-05-25 07:06:29,719 [DEBUG] [com.dstc.security.util.logging.CommonsLogWrapper] verifying license for module 'jcsi.kerberos'
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos: ** requesting initial ticket .. **
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos: ** creating AS request .. **
 for client: TESTQSJsvc
 at realm: DSTEST.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos: ** Sending request to KDC .. **
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos: Resolving KDC for realm: DSTEST.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
 UDP attempt #0 to DNS server nct0010vpdnsca1.nc.no.HULAMUBA.COM/162.205.245.232
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:  Data sent:
            c8 0c 01 00 00 01 00 00 00 00 00 00 05 5f 6c 64 61 70 04 5f
            74 63 70 06 44 53 54 45 53 54 06 49 52 53 4e 45 54 03 47 4f
            56 00 00 21 00 01
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos: Data received:
            c8 0c 83 80 00 01 00 08 00 03 00 00 05 5f 6c 64 61 70 04 5f
            74 63 70 06 44 53 54 45 53 54 06 49 52 53 4e 45 54 03 47 4f
            56 00 00 21 00 01 c0 0c 00 21 00 01 00 00 00 ec 00 28 00 00
            00 64 01 85 0e 6d 74 62 30 31 32 30 70 6c 38 61 64 33 32 06
            64 73 74 65 73 74 06 69 72 73 6e 65 74 03 67 6f 76 00 c0 0c
            00 21 00 01 00 00 00 ec 00 27 00 32 00 64 01 85 0d 6d 74 62
            30 31 32 30 63 6c 61 64 31 31 06 64 73 74 65 73 74 06 69 72
            73 6e 65 74 03 67 6f 76 00 c0 0c 00 21 00 01 00 00 00 ec 00
            27 00 32 00 64 01 85 0d 6d 74 62 30 31 32 30 63 6c 61 64 31
            32 06 64 73 74 65 73 74 06 69 72 73 6e 65 74 03 67 6f 76 00
            c0 0c 00 21 00 01 00 00 00 ec 00 28 00 32 00 64 01 85 0e 64
            65 74 30 31 39 30 63 6c 64 73 74 73 31 06 64 73 74 65 73 74
            06 69 72 73 6e 65 74 03 67 6f 76 00 c0 0c 00 21 00 01 00 00
            00 ec 00 28 00 00 00 64 01 85 0e 64 65 74 30 31 39 30 63 6c
            64 73 74 73 31 06 64 73 74 65 73 74 06 69 72 73 6e 65 74 03
            67 6f 76 00 c0 0c 00 21 00 01 00 00 00 ec 00 28 00 00 00 64
            01 85 0e 64 65 74 30 31 39 30 70 6c 38 61 64 33 31 06 64 73
            74 65 73 74 06 69 72 73 6e 65 74 03 67 6f 76 00 c0 0c 00 21
            00 01 00 00 00 ec 00 28 00 00 00 64 01 85 0e 6d 65 6d 30 32
            30 30 70 6c 38 61 64 33 31 06 64 73 74 65 73 74 06 69 72 73
            6e 65 74 03 67 6f 76 00 c0 0c 00 21 00 01 00 00 00 ec 00 28
            00 00 00 64 01 85 0e 6d 74 62 30 31 32 30 70 6c 38 61 64 33
            31 06 64 73 74 65 73 74 06 69 72 73 6e 65 74 03 67 6f 76 00
            c1 b9 00 02 00 01 00 00 01 85 00 02 c1 42 c1 b9 00 02 00 01
            00 00 01 85 00 02 c1 76 c1 b9 00 02 00 01 00 00 01 85 00 02
            c1 aa
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos: params: 1000001110000000
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos: Query sent:
  Qname: _ldap._tcp.DSTEST.HULAMUBA.COM
  Qtype: 33
  Qclass: 1
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: _ldap._tcp.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 236
      Type: SRV
      Priority: 0
      Weight: 100
      Port: 389
      Target: mtb0120pl8ad32.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: _ldap._tcp.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 236
      Type: SRV
      Priority: 50
      Weight: 100
      Port: 389
      Target: mtb0120clad11.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: _ldap._tcp.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 236
      Type: SRV
      Priority: 50
      Weight: 100
      Port: 389
      Target: mtb0120clad12.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: _ldap._tcp.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 236
      Type: SRV
      Priority: 50
      Weight: 100
      Port: 389
      Target: det0190cldsts1.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: _ldap._tcp.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 236
      Type: SRV
      Priority: 0
      Weight: 100
      Port: 389
      Target: det0190cldsts1.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: _ldap._tcp.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 236
      Type: SRV
      Priority: 0
      Weight: 100
      Port: 389
      Target: det0190pl8ad31.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: _ldap._tcp.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 236
      Type: SRV
      Priority: 0
      Weight: 100
      Port: 389
      Target: mem0200pl8ad31.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: _ldap._tcp.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 236
      Type: SRV
      Priority: 0
      Weight: 100
      Port: 389
      Target: mtb0120pl8ad31.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: dstest.HULAMUBA.COM
      Class: 1
      TTL: 389
      Type: NS
      Name Server: det0190pl8ad31.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: dstest.HULAMUBA.COM
      Class: 1
      TTL: 389
      Type: NS
      Name Server: mem0200pl8ad31.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: dstest.HULAMUBA.COM
      Class: 1
      TTL: 389
      Type: NS
      Name Server: mtb0120pl8ad31.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
  Too big for UDP, trying TCP
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
 Data received:
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
            c8 0c 81 80 00 01 00 08 00 07 00 07 05 5f 6c 64 61 70 04 5f
            74 63 70 06 44 53 54 45 53 54 06 49 52 53 4e 45 54 03 47 4f
            56 00 00 21 00 01 c0 0c 00 21 00 01 00 00 00 ec 00 28 00 00
            00 64 01 85 0e 6d 74 62 30 31 32 30 70 6c 38 61 64 33 31 06
            64 73 74 65 73 74 06 69 72 73 6e 65 74 03 67 6f 76 00 c0 0c
            00 21 00 01 00 00 00 ec 00 28 00 00 00 64 01 85 0e 6d 74 62
            30 31 32 30 70 6c 38 61 64 33 32 06 64 73 74 65 73 74 06 69
            72 73 6e 65 74 03 67 6f 76 00 c0 0c 00 21 00 01 00 00 00 ec
            00 27 00 32 00 64 01 85 0d 6d 74 62 30 31 32 30 63 6c 61 64
            31 31 06 64 73 74 65 73 74 06 69 72 73 6e 65 74 03 67 6f 76
            00 c0 0c 00 21 00 01 00 00 00 ec 00 27 00 32 00 64 01 85 0d
            6d 74 62 30 31 32 30 63 6c 61 64 31 32 06 64 73 74 65 73 74
            06 69 72 73 6e 65 74 03 67 6f 76 00 c0 0c 00 21 00 01 00 00
            00 ec 00 28 00 32 00 64 01 85 0e 64 65 74 30 31 39 30 63 6c
            64 73 74 73 31 06 64 73 74 65 73 74 06 69 72 73 6e 65 74 03
            67 6f 76 00 c0 0c 00 21 00 01 00 00 00 ec 00 28 00 00 00 64
            01 85 0e 64 65 74 30 31 39 30 63 6c 64 73 74 73 31 06 64 73
            74 65 73 74 06 69 72 73 6e 65 74 03 67 6f 76 00 c0 0c 00 21
            00 01 00 00 00 ec 00 28 00 00 00 64 01 85 0e 64 65 74 30 31
            39 30 70 6c 38 61 64 33 31 06 64 73 74 65 73 74 06 69 72 73
            6e 65 74 03 67 6f 76 00 c0 0c 00 21 00 01 00 00 00 ec 00 28
            00 00 00 64 01 85 0e 6d 65 6d 30 32 30 30 70 6c 38 61 64 33
            31 06 64 73 74 65 73 74 06 69 72 73 6e 65 74 03 67 6f 76 00
            c1 b9 00 02 00 01 00 00 01 85 00 02 c1 42 c1 b9 00 02 00 01
            00 00 01 85 00 02 c1 76 c1 b9 00 02 00 01 00 00 01 85 00 02
            c1 aa c1 b9 00 02 00 01 00 00 01 85 00 02 c0 40 c1 b9 00 02
            00 01 00 00 01 85 00 02 c0 74 c1 b9 00 02 00 01 00 00 01 85
            00 02 c0 a8 c1 b9 00 02 00 01 00 00 01 85 00 02 c0 db c1 42
            00 01 00 01 00 00 05 bf 00 04 98 de b8 a2 c1 76 00 01 00 01
            00 00 05 bf 00 04 0a eb 66 2c c1 aa 00 01 00 01 00 00 05 bf
            00 04 0a db 50 62 c0 40 00 01 00 01 00 00 06 6f 00 04 0a cf
            14 6b c0 74 00 01 00 01 00 00 0b c3 00 04 0a cf 14 6d c0 a8
            00 01 00 01 00 00 01 c0 00 04 98 e1 3e a9 c0 db 00 01 00 01
            00 00 06 01 00 04 98 e1 3e a8
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos: params: 1000000110000000
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos: Query sent:
  Qname: _ldap._tcp.DSTEST.HULAMUBA.COM
  Qtype: 33
  Qclass: 1
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: _ldap._tcp.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 236
      Type: SRV
      Priority: 0
      Weight: 100
      Port: 389
      Target: mtb0120pl8ad31.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: _ldap._tcp.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 236
      Type: SRV
      Priority: 0
      Weight: 100
      Port: 389
      Target: mtb0120pl8ad32.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: _ldap._tcp.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 236
      Type: SRV
      Priority: 50
      Weight: 100
      Port: 389
      Target: mtb0120clad11.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: _ldap._tcp.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 236
      Type: SRV
      Priority: 50
      Weight: 100
      Port: 389
      Target: mtb0120clad12.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: _ldap._tcp.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 236
      Type: SRV
      Priority: 50
      Weight: 100
      Port: 389
      Target: det0190cldsts1.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: _ldap._tcp.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 236
      Type: SRV
      Priority: 0
      Weight: 100
      Port: 389
      Target: det0190cldsts1.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: _ldap._tcp.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 236
      Type: SRV
      Priority: 0
      Weight: 100
      Port: 389
      Target: det0190pl8ad31.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: _ldap._tcp.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 236
      Type: SRV
      Priority: 0
      Weight: 100
      Port: 389
      Target: mem0200pl8ad31.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: dstest.HULAMUBA.COM
      Class: 1
      TTL: 389
      Type: NS
      Name Server: det0190cldsts1.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: dstest.HULAMUBA.COM
      Class: 1
      TTL: 389
      Type: NS
      Name Server: det0190pl8ad31.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: dstest.HULAMUBA.COM
      Class: 1
      TTL: 389
      Type: NS
      Name Server: mem0200pl8ad31.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: dstest.HULAMUBA.COM
      Class: 1
      TTL: 389
      Type: NS
      Name Server: mtb0120pl8ad31.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: dstest.HULAMUBA.COM
      Class: 1
      TTL: 389
      Type: NS
      Name Server: mtb0120pl8ad32.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: dstest.HULAMUBA.COM
      Class: 1
      TTL: 389
      Type: NS
      Name Server: mtb0120clad11.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: dstest.HULAMUBA.COM
      Class: 1
      TTL: 389
      Type: NS
      Name Server: mtb0120clad12.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: det0190cldsts1.dstest.HULAMUBA.COM
      Class: 1
      TTL: 1471
      Type: A
      IP Address: 162.202.184.162
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: det0190pl8ad31.dstest.HULAMUBA.COM
      Class: 1
      TTL: 1471
      Type: A
      IP Address: 107.215.102.44
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: mem0200pl8ad31.dstest.HULAMUBA.COM
      Class: 1
      TTL: 1471
      Type: A
      IP Address: 107.209.80.98
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: mtb0120pl8ad31.dstest.HULAMUBA.COM
      Class: 1
      TTL: 1647
      Type: A
      IP Address: 107.217.20.107
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: mtb0120pl8ad32.dstest.HULAMUBA.COM
      Class: 1
      TTL: 3011
      Type: A
      IP Address: 107.217.20.109
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: mtb0120clad11.dstest.HULAMUBA.COM
      Class: 1
      TTL: 448
      Type: A
      IP Address: 162.215.62.169
[DEBUG] Wed May 25 07:06:29 EDT 2011 jcsi.kerberos:
    Record

      Name: mtb0120clad12.dstest.HULAMUBA.COM
      Class: 1
      TTL: 1537
      Type: A
      IP Address: 162.215.62.168
2011-05-25 07:06:30,000 [DEBUG] [com.wedgetail.idm.sso.util.CommonsSsoLogger] Start TCP LDAP ping to mtb0120pl8ad31.dstest.HULAMUBA.COM/10.207.20.107 port 389
2011-05-25 07:06:30,469 [DEBUG] [com.wedgetail.idm.sso.util.CommonsSsoLogger]   End TCP LDAP ping to mtb0120pl8ad31.dstest.HULAMUBA.COM/10.207.20.107 port 389
2011-05-25 07:06:30,469 [DEBUG] [com.wedgetail.idm.sso.util.CommonsSsoLogger]  Site result = "GALILEO"
[DEBUG] Wed May 25 07:06:30 EDT 2011 jcsi.kerberos:
 UDP attempt #0 to DNS server nct0010vpdnsca1.nc.no.HULAMUBA.COM/162.205.245.232
[DEBUG] Wed May 25 07:06:30 EDT 2011 jcsi.kerberos:  Data sent:
            ba 93 01 00 00 01 00 00 00 00 00 00 09 5f 6b 65 72 62 65 72
            6f 73 04 5f 74 63 70 0d 4e 45 57 43 41 52 52 4f 4c 4c 54 4f
            4e 06 5f 73 69 74 65 73 06 44 53 54 45 53 54 06 49 52 53 4e
            45 54 03 47 4f 56 00 00 21 00 01
[DEBUG] Wed May 25 07:06:30 EDT 2011 jcsi.kerberos: Data received:
            ba 93 81 80 00 01 00 05 00 07 00 02 09 5f 6b 65 72 62 65 72
            6f 73 04 5f 74 63 70 0d 4e 45 57 43 41 52 52 4f 4c 4c 54 4f
            4e 06 5f 73 69 74 65 73 06 44 53 54 45 53 54 06 49 52 53 4e
            45 54 03 47 4f 56 00 00 21 00 01 c0 0c 00 21 00 01 00 00 02
            58 00 27 00 32 00 64 00 58 0d 6d 74 62 30 31 32 30 63 6c 61
            64 31 32 06 64 73 74 65 73 74 06 69 72 73 6e 65 74 03 67 6f
            76 00 c0 0c 00 21 00 01 00 00 02 58 00 28 00 32 00 64 00 58
            0e 64 65 74 30 31 39 30 63 6c 64 73 74 73 31 06 64 73 74 65
            73 74 06 69 72 73 6e 65 74 03 67 6f 76 00 c0 0c 00 21 00 01
            00 00 02 58 00 28 00 00 00 64 00 58 0e 6d 65 6d 30 32 30 30
            76 6c 64 73 74 73 31 06 64 73 74 65 73 74 06 69 72 73 6e 65
            74 03 67 6f 76 00 c0 0c 00 21 00 01 00 00 02 58 00 28 00 00
            00 64 00 58 0e 6d 74 62 30 31 32 30 70 6c 38 61 64 33 32 06
            64 73 74 65 73 74 06 69 72 73 6e 65 74 03 67 6f 76 00 c0 0c
            00 21 00 01 00 00 02 58 00 27 00 32 00 64 00 58 0d 6d 74 62
            30 31 32 30 63 6c 61 64 31 31 06 64 73 74 65 73 74 06 69 72
            73 6e 65 74 03 67 6f 76 00 c1 36 00 02 00 01 00 00 01 84 00
            02 c0 f4 c1 36 00 02 00 01 00 00 01 84 00 02 c1 28 c1 36 00
            02 00 01 00 00 01 84 00 02 c0 59 c1 36 00 02 00 01 00 00 01
            84 00 02 c0 8c c1 36 00 02 00 01 00 00 01 84 00 11 0e 64 65
            74 30 31 39 30 70 6c 38 61 64 33 31 c1 36 c1 36 00 02 00 01
            00 00 01 84 00 11 0e 6d 65 6d 30 32 30 30 70 6c 38 61 64 33
            31 c1 36 c1 36 00 02 00 01 00 00 01 84 00 11 0e 6d 74 62 30
            31 32 30 70 6c 38 61 64 33 31 c1 36 c0 f4 00 01 00 01 00 00
            0b c2 00 04 0a cf 14 6d c1 28 00 01 00 01 00 00 01 bf 00 04
            98 e1 3e a9
[DEBUG] Wed May 25 07:06:30 EDT 2011 jcsi.kerberos: params: 1000000110000000
[DEBUG] Wed May 25 07:06:30 EDT 2011 jcsi.kerberos: Query sent:
  Qname: _kerberos._tcp.GALILEO._sites.DSTEST.HULAMUBA.COM
  Qtype: 33
  Qclass: 1
[DEBUG] Wed May 25 07:06:30 EDT 2011 jcsi.kerberos:
    Record

      Name: _kerberos._tcp.GALILEO._sites.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 600
      Type: SRV
      Priority: 50
      Weight: 100
      Port: 88
      Target: mtb0120clad12.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:30 EDT 2011 jcsi.kerberos:
    Record

      Name: _kerberos._tcp.GALILEO._sites.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 600
      Type: SRV
      Priority: 50
      Weight: 100
      Port: 88
      Target: det0190cldsts1.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:30 EDT 2011 jcsi.kerberos:
    Record

      Name: _kerberos._tcp.GALILEO._sites.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 600
      Type: SRV
      Priority: 0
      Weight: 100
      Port: 88
      Target: mem0200vldsts1.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:30 EDT 2011 jcsi.kerberos:
    Record

      Name: _kerberos._tcp.GALILEO._sites.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 600
      Type: SRV
      Priority: 0
      Weight: 100
      Port: 88
      Target: mtb0120pl8ad32.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:30 EDT 2011 jcsi.kerberos:
    Record

      Name: _kerberos._tcp.GALILEO._sites.DSTEST.HULAMUBA.COM
      Class: 1
      TTL: 600
      Type: SRV
      Priority: 50
      Weight: 100
      Port: 88
      Target: mtb0120clad11.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:30 EDT 2011 jcsi.kerberos:
    Record

      Name: dstest.HULAMUBA.COM
      Class: 1
      TTL: 388
      Type: NS
      Name Server: mtb0120pl8ad32.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:30 EDT 2011 jcsi.kerberos:
    Record

      Name: dstest.HULAMUBA.COM
      Class: 1
      TTL: 388
      Type: NS
      Name Server: mtb0120clad11.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:30 EDT 2011 jcsi.kerberos:
    Record

      Name: dstest.HULAMUBA.COM
      Class: 1
      TTL: 388
      Type: NS
      Name Server: mtb0120clad12.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:30 EDT 2011 jcsi.kerberos:
    Record

      Name: dstest.HULAMUBA.COM
      Class: 1
      TTL: 388
      Type: NS
      Name Server: det0190cldsts1.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:30 EDT 2011 jcsi.kerberos:
    Record

      Name: dstest.HULAMUBA.COM
      Class: 1
      TTL: 388
      Type: NS
      Name Server: det0190pl8ad31.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:30 EDT 2011 jcsi.kerberos:
    Record

      Name: dstest.HULAMUBA.COM
      Class: 1
      TTL: 388
      Type: NS
      Name Server: mem0200pl8ad31.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:30 EDT 2011 jcsi.kerberos:
    Record

      Name: dstest.HULAMUBA.COM
      Class: 1
      TTL: 388
      Type: NS
      Name Server: mtb0120pl8ad31.dstest.HULAMUBA.COM
[DEBUG] Wed May 25 07:06:30 EDT 2011 jcsi.kerberos:
    Record

      Name: mtb0120pl8ad32.dstest.HULAMUBA.COM
      Class: 1
      TTL: 3010
      Type: A
      IP Address: 107.217.20.109
[DEBUG] Wed May 25 07:06:30 EDT 2011 jcsi.kerberos:
    Record

      Name: mtb0120clad11.dstest.HULAMUBA.COM
      Class: 1
      TTL: 447
      Type: A
      IP Address: 162.215.62.169
2011-05-25 07:06:30,547 [ERROR] [com.wedgetail.idm.sso.util.CommonsSsoLogger] VSJ credentials (principal, realm, keytab/password) are invalid
com.wedgetail.idm.sso.ConfigException: Could not validate VSJ password [caused by: GSSException: Failure unspecified at GSS-API level (Mechanism level: com.dstc.security.kerberos.KerberosConfigException: Could not resolve KDC from DNS SRV record:  java.net.UnknownHostException: mem0200vldsts1.dstest.HULAMUBA.COM: mem0200vldsts1.dstest.HULAMUBA.COM)]
 at com.wedgetail.idm.sso.util.Util.checkAgainstKDC(Util.java:181)
 at com.wedgetail.idm.sso.AbstractAuthenticator.initAuthenticator2(AbstractAuthenticator.java:556)
 at com.wedgetail.idm.sso.AbstractAuthenticator.initAuthenticator(AbstractAuthenticator.java:325)
 at com.wedgetail.idm.sso.AuthFilter.init(AuthFilter.java:131)
 at com.hulamuba.rtr.authentication.qsj.FormsAuthFilter.init(FormsAuthFilter.java:217)
 at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:275)
 at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:397)
 at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:108)
 at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3696)
 at org.apache.catalina.core.StandardContext.start(StandardContext.java:4343)
 at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
 at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
 at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
 at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
 at org.apache.catalina.core.StandardService.start(StandardService.java:516)
 at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
 at org.apache.catalina.startup.Catalina.start(Catalina.java:566)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:585)
 at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
 at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Caused by: GSSException: Failure unspecified at GSS-API level (Mechanism level: com.dstc.security.kerberos.KerberosConfigException: Could not resolve KDC from DNS SRV record:  java.net.UnknownHostException: mem0200vldsts1.dstest.HULAMUBA.COM: mem0200vldsts1.dstest.HULAMUBA.COM)
 at com.dstc.security.kerberos.gssapi.GSSKrbException.create(GSSKrbException.java:208)
 at com.dstc.security.kerberos.gssapi.ImmortalTGT.checkTGT(ImmortalTGT.java:123)
 at com.dstc.security.kerberos.gssapi.GSSCredentialFactory.createImmortalTGT(GSSCredentialFactory.java:24)
 at com.wedgetail.idm.sso.util.ServerTGT.generateTGT(ServerTGT.java:81)
 at com.wedgetail.idm.sso.util.ServerTGT.getTGT(ServerTGT.java:56)
 at com.wedgetail.idm.sso.util.Util.checkAgainstKDC(Util.java:165)
 ... 22 more
Caused by: com.dstc.security.kerberos.KerberosConfigException: Could not resolve KDC from DNS SRV record:  java.net.UnknownHostException: mem0200vldsts1.dstest.HULAMUBA.COM: mem0200vldsts1.dstest.HULAMUBA.COM
 at com.dstc.security.kerberos.DefaultConfig.genKDCInfo(DefaultConfig.java:399)
 at com.dstc.security.kerberos.ActiveDirectorySitesConfig.getKdcs(ActiveDirectorySitesConfig.java:206)
 at com.dstc.security.kerberos.CustomConfig.getKdcs(CustomConfig.java:284)
 at com.dstc.security.kerberos.CustomConfig.getKdcs(CustomConfig.java:265)
 at com.dstc.security.kerberos.impl.DefaultKdcResolver.getKdc(DefaultKdcResolver.java:58)
 at com.dstc.security.kerberos.DefaultKerberosMessageHandler.send(DefaultKerberosMessageHandler.java:84)
 at com.dstc.security.kerberos.Kerberos.sendRequestToKDC(Kerberos.java:1832)
 at com.dstc.security.kerberos.Kerberos.getKrbASRepFromKDC(Kerberos.java:1105)
 at com.dstc.security.kerberos.Kerberos.requestInitialTicket(Kerberos.java:966)
 at com.dstc.security.kerberos.impl.CredentialUtil.getInitialCred(CredentialUtil.java:64)
 at com.dstc.security.kerberos.impl.CredentialUtil.getTicketGrantingTicket(CredentialUtil.java:41)
 at com.dstc.security.kerberos.gssapi.ImmortalTGT.generateTGT(ImmortalTGT.java:150)
 at com.dstc.security.kerberos.gssapi.ImmortalTGT.checkTGT(ImmortalTGT.java:119)
 ... 26 more
Caused by:
GSSException: Failure unspecified at GSS-API level (Mechanism level: com.dstc.security.kerberos.KerberosConfigException: Could not resolve KDC from DNS SRV record:  java.net.UnknownHostException: mem0200vldsts1.dstest.HULAMUBA.COM: mem0200vldsts1.dstest.HULAMUBA.COM)
 at com.dstc.security.kerberos.gssapi.GSSKrbException.create(GSSKrbException.java:208)
 at com.dstc.security.kerberos.gssapi.ImmortalTGT.checkTGT(ImmortalTGT.java:123)
 at com.dstc.security.kerberos.gssapi.GSSCredentialFactory.createImmortalTGT(GSSCredentialFactory.java:24)
 at com.wedgetail.idm.sso.util.ServerTGT.generateTGT(ServerTGT.java:81)
 at com.wedgetail.idm.sso.util.ServerTGT.getTGT(ServerTGT.java:56)
 at com.wedgetail.idm.sso.util.Util.checkAgainstKDC(Util.java:165)
 at com.wedgetail.idm.sso.AbstractAuthenticator.initAuthenticator2(AbstractAuthenticator.java:556)
 at com.wedgetail.idm.sso.AbstractAuthenticator.initAuthenticator(AbstractAuthenticator.java:325)
 at com.wedgetail.idm.sso.AuthFilter.init(AuthFilter.java:131)
 at com.hulamuba.rtr.authentication.qsj.FormsAuthFilter.init(FormsAuthFilter.java:217)
 at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:275)
 at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:397)
 at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:108)
 at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3696)
 at org.apache.catalina.core.StandardContext.start(StandardContext.java:4343)
 at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
 at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
 at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
 at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
 at org.apache.catalina.core.StandardService.start(StandardService.java:516)
 at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
 at org.apache.catalina.startup.Catalina.start(Catalina.java:566)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:585)
 at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
 at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Caused by: com.dstc.security.kerberos.KerberosConfigException: Could not resolve KDC from DNS SRV record:  java.net.UnknownHostException: mem0200vldsts1.dstest.HULAMUBA.COM: mem0200vldsts1.dstest.HULAMUBA.COM
 at com.dstc.security.kerberos.DefaultConfig.genKDCInfo(DefaultConfig.java:399)
 at com.dstc.security.kerberos.ActiveDirectorySitesConfig.getKdcs(ActiveDirectorySitesConfig.java:206)
 at com.dstc.security.kerberos.CustomConfig.getKdcs(CustomConfig.java:284)
 at com.dstc.security.kerberos.CustomConfig.getKdcs(CustomConfig.java:265)
 at com.dstc.security.kerberos.impl.DefaultKdcResolver.getKdc(DefaultKdcResolver.java:58)
 at com.dstc.security.kerberos.DefaultKerberosMessageHandler.send(DefaultKerberosMessageHandler.java:84)
 at com.dstc.security.kerberos.Kerberos.sendRequestToKDC(Kerberos.java:1832)
 at com.dstc.security.kerberos.Kerberos.getKrbASRepFromKDC(Kerberos.java:1105)
 at com.dstc.security.kerberos.Kerberos.requestInitialTicket(Kerberos.java:966)
 at com.dstc.security.kerberos.impl.CredentialUtil.getInitialCred(CredentialUtil.java:64)
 at com.dstc.security.kerberos.impl.CredentialUtil.getTicketGrantingTicket(CredentialUtil.java:41)
 at com.dstc.security.kerberos.gssapi.ImmortalTGT.generateTGT(ImmortalTGT.java:150)
 at com.dstc.security.kerberos.gssapi.ImmortalTGT.checkTGT(ImmortalTGT.java:119)
 ... 26 more
2011-05-25 07:06:30,547 [ERROR] [com.wedgetail.idm.sso.util.CommonsSsoLogger] Error during initAuthenticator()
com.wedgetail.idm.sso.ConfigException: Could not validate VSJ password [caused by: GSSException: Failure unspecified at GSS-API level (Mechanism level: com.dstc.security.kerberos.KerberosConfigException: Could not resolve KDC from DNS SRV record:  java.net.UnknownHostException: mem0200vldsts1.dstest.HULAMUBA.COM: mem0200vldsts1.dstest.HULAMUBA.COM)]
 at com.wedgetail.idm.sso.util.Util.checkAgainstKDC(Util.java:181)
 at com.wedgetail.idm.sso.AbstractAuthenticator.initAuthenticator2(AbstractAuthenticator.java:556)
 at com.wedgetail.idm.sso.AbstractAuthenticator.initAuthenticator(AbstractAuthenticator.java:325)
 at com.wedgetail.idm.sso.AuthFilter.init(AuthFilter.java:131)
 at com.hulamuba.rtr.authentication.qsj.FormsAuthFilter.init(FormsAuthFilter.java:217)
 at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:275)
 at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:397)
 at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:108)
 at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3696)
 at org.apache.catalina.core.StandardContext.start(StandardContext.java:4343)
 at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
 at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
 at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
 at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
 at org.apache.catalina.core.StandardService.start(StandardService.java:516)
 at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
 at org.apache.catalina.startup.Catalina.start(Catalina.java:566)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:585)
 at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
 at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Caused by: GSSException: Failure unspecified at GSS-API level (Mechanism level: com.dstc.security.kerberos.KerberosConfigException: Could not resolve KDC from DNS SRV record:  java.net.UnknownHostException: mem0200vldsts1.dstest.HULAMUBA.COM: mem0200vldsts1.dstest.HULAMUBA.COM)
 at com.dstc.security.kerberos.gssapi.GSSKrbException.create(GSSKrbException.java:208)
 at com.dstc.security.kerberos.gssapi.ImmortalTGT.checkTGT(ImmortalTGT.java:123)
 at com.dstc.security.kerberos.gssapi.GSSCredentialFactory.createImmortalTGT(GSSCredentialFactory.java:24)
 at com.wedgetail.idm.sso.util.ServerTGT.generateTGT(ServerTGT.java:81)
 at com.wedgetail.idm.sso.util.ServerTGT.getTGT(ServerTGT.java:56)
 at com.wedgetail.idm.sso.util.Util.checkAgainstKDC(Util.java:165)
 ... 22 more
Caused by: com.dstc.security.kerberos.KerberosConfigException: Could not resolve KDC from DNS SRV record:  java.net.UnknownHostException: mem0200vldsts1.dstest.HULAMUBA.COM: mem0200vldsts1.dstest.HULAMUBA.COM
 at com.dstc.security.kerberos.DefaultConfig.genKDCInfo(DefaultConfig.java:399)
 at com.dstc.security.kerberos.ActiveDirectorySitesConfig.getKdcs(ActiveDirectorySitesConfig.java:206)
 at com.dstc.security.kerberos.CustomConfig.getKdcs(CustomConfig.java:284)
 at com.dstc.security.kerberos.CustomConfig.getKdcs(CustomConfig.java:265)
 at com.dstc.security.kerberos.impl.DefaultKdcResolver.getKdc(DefaultKdcResolver.java:58)
 at com.dstc.security.kerberos.DefaultKerberosMessageHandler.send(DefaultKerberosMessageHandler.java:84)
 at com.dstc.security.kerberos.Kerberos.sendRequestToKDC(Kerberos.java:1832)
 at com.dstc.security.kerberos.Kerberos.getKrbASRepFromKDC(Kerberos.java:1105)
 at com.dstc.security.kerberos.Kerberos.requestInitialTicket(Kerberos.java:966)
 at com.dstc.security.kerberos.impl.CredentialUtil.getInitialCred(CredentialUtil.java:64)
 at com.dstc.security.kerberos.impl.CredentialUtil.getTicketGrantingTicket(CredentialUtil.java:41)
 at com.dstc.security.kerberos.gssapi.ImmortalTGT.generateTGT(ImmortalTGT.java:150)
 at com.dstc.security.kerberos.gssapi.ImmortalTGT.checkTGT(ImmortalTGT.java:119)
 ... 26 more
Caused by:
GSSException: Failure unspecified at GSS-API level (Mechanism level: com.dstc.security.kerberos.KerberosConfigException: Could not resolve KDC from DNS SRV record:  java.net.UnknownHostException: mem0200vldsts1.dstest.HULAMUBA.COM: mem0200vldsts1.dstest.HULAMUBA.COM)
 at com.dstc.security.kerberos.gssapi.GSSKrbException.create(GSSKrbException.java:208)
 at com.dstc.security.kerberos.gssapi.ImmortalTGT.checkTGT(ImmortalTGT.java:123)
 at com.dstc.security.kerberos.gssapi.GSSCredentialFactory.createImmortalTGT(GSSCredentialFactory.java:24)
 at com.wedgetail.idm.sso.util.ServerTGT.generateTGT(ServerTGT.java:81)
 at com.wedgetail.idm.sso.util.ServerTGT.getTGT(ServerTGT.java:56)
 at com.wedgetail.idm.sso.util.Util.checkAgainstKDC(Util.java:165)
 at com.wedgetail.idm.sso.AbstractAuthenticator.initAuthenticator2(AbstractAuthenticator.java:556)
 at com.wedgetail.idm.sso.AbstractAuthenticator.initAuthenticator(AbstractAuthenticator.java:325)
 at com.wedgetail.idm.sso.AuthFilter.init(AuthFilter.java:131)
 at com.hulamuba.rtr.authentication.qsj.FormsAuthFilter.init(FormsAuthFilter.java:217)
 at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:275)
 at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:397)
 at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:108)
 at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3696)
 at org.apache.catalina.core.StandardContext.start(StandardContext.java:4343)
 at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
 at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
 at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
 at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
 at org.apache.catalina.core.StandardService.start(StandardService.java:516)
 at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
 at org.apache.catalina.startup.Catalina.start(Catalina.java:566)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:585)
 at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
 at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Caused by: com.dstc.security.kerberos.KerberosConfigException: Could not resolve KDC from DNS SRV record:  java.net.UnknownHostException: mem0200vldsts1.dstest.HULAMUBA.COM: mem0200vldsts1.dstest.HULAMUBA.COM
 at com.dstc.security.kerberos.DefaultConfig.genKDCInfo(DefaultConfig.java:399)
 at com.dstc.security.kerberos.ActiveDirectorySitesConfig.getKdcs(ActiveDirectorySitesConfig.java:206)
 at com.dstc.security.kerberos.CustomConfig.getKdcs(CustomConfig.java:284)
 at com.dstc.security.kerberos.CustomConfig.getKdcs(CustomConfig.java:265)
 at com.dstc.security.kerberos.impl.DefaultKdcResolver.getKdc(DefaultKdcResolver.java:58)
 at com.dstc.security.kerberos.DefaultKerberosMessageHandler.send(DefaultKerberosMessageHandler.java:84)
 at com.dstc.security.kerberos.Kerberos.sendRequestToKDC(Kerberos.java:1832)
 at com.dstc.security.kerberos.Kerberos.getKrbASRepFromKDC(Kerberos.java:1105)
 at com.dstc.security.kerberos.Kerberos.requestInitialTicket(Kerberos.java:966)
 at com.dstc.security.kerberos.impl.CredentialUtil.getInitialCred(CredentialUtil.java:64)
 at com.dstc.security.kerberos.impl.CredentialUtil.getTicketGrantingTicket(CredentialUtil.java:41)
 at com.dstc.security.kerberos.gssapi.ImmortalTGT.generateTGT(ImmortalTGT.java:150)
 at com.dstc.security.kerberos.gssapi.ImmortalTGT.checkTGT(ImmortalTGT.java:119)
 ... 26 more
May 25, 2011 7:06:30 AM org.apache.catalina.core.StandardContext filterStart
SEVERE: Exception starting filter authFilter
com.wedgetail.idm.sso.ConfigException: Could not validate VSJ password [caused by: GSSException: Failure unspecified at GSS-API level (Mechanism level: com.dstc.security.kerberos.KerberosConfigException: Could not resolve KDC from DNS SRV record:  java.net.UnknownHostException: mem0200vldsts1.dstest.HULAMUBA.COM: mem0200vldsts1.dstest.HULAMUBA.COM)]
 at com.wedgetail.idm.sso.util.Util.checkAgainstKDC(Util.java:181)
 at com.wedgetail.idm.sso.AbstractAuthenticator.initAuthenticator2(AbstractAuthenticator.java:556)
 at com.wedgetail.idm.sso.AbstractAuthenticator.initAuthenticator(AbstractAuthenticator.java:325)
 at com.wedgetail.idm.sso.AuthFilter.init(AuthFilter.java:131)
 at com.hulamuba.rtr.authentication.qsj.FormsAuthFilter.init(FormsAuthFilter.java:217)
 at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:275)
 at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:397)
 at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:108)
 at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3696)
 at org.apache.catalina.core.StandardContext.start(StandardContext.java:4343)
 at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
 at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
 at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
 at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
 at org.apache.catalina.core.StandardService.start(StandardService.java:516)
 at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
 at org.apache.catalina.startup.Catalina.start(Catalina.java:566)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:585)
 at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
 at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Caused by: GSSException: Failure unspecified at GSS-API level (Mechanism level: com.dstc.security.kerberos.KerberosConfigException: Could not resolve KDC from DNS SRV record:  java.net.UnknownHostException: mem0200vldsts1.dstest.HULAMUBA.COM: mem0200vldsts1.dstest.HULAMUBA.COM)
 at com.dstc.security.kerberos.gssapi.GSSKrbException.create(GSSKrbException.java:208)
 at com.dstc.security.kerberos.gssapi.ImmortalTGT.checkTGT(ImmortalTGT.java:123)
 at com.dstc.security.kerberos.gssapi.GSSCredentialFactory.createImmortalTGT(GSSCredentialFactory.java:24)
 at com.wedgetail.idm.sso.util.ServerTGT.generateTGT(ServerTGT.java:81)
 at com.wedgetail.idm.sso.util.ServerTGT.getTGT(ServerTGT.java:56)
 at com.wedgetail.idm.sso.util.Util.checkAgainstKDC(Util.java:165)
 ... 22 more
Caused by: com.dstc.security.kerberos.KerberosConfigException: Could not resolve KDC from DNS SRV record:  java.net.UnknownHostException: mem0200vldsts1.dstest.HULAMUBA.COM: mem0200vldsts1.dstest.HULAMUBA.COM
 at com.dstc.security.kerberos.DefaultConfig.genKDCInfo(DefaultConfig.java:399)
 at com.dstc.security.kerberos.ActiveDirectorySitesConfig.getKdcs(ActiveDirectorySitesConfig.java:206)
 at com.dstc.security.kerberos.CustomConfig.getKdcs(CustomConfig.java:284)
 at com.dstc.security.kerberos.CustomConfig.getKdcs(CustomConfig.java:265)
 at com.dstc.security.kerberos.impl.DefaultKdcResolver.getKdc(DefaultKdcResolver.java:58)
 at com.dstc.security.kerberos.DefaultKerberosMessageHandler.send(DefaultKerberosMessageHandler.java:84)
 at com.dstc.security.kerberos.Kerberos.sendRequestToKDC(Kerberos.java:1832)
 at com.dstc.security.kerberos.Kerberos.getKrbASRepFromKDC(Kerberos.java:1105)
 at com.dstc.security.kerberos.Kerberos.requestInitialTicket(Kerberos.java:966)
 at com.dstc.security.kerberos.impl.CredentialUtil.getInitialCred(CredentialUtil.java:64)
 at com.dstc.security.kerberos.impl.CredentialUtil.getTicketGrantingTicket(CredentialUtil.java:41)
 at com.dstc.security.kerberos.gssapi.ImmortalTGT.generateTGT(ImmortalTGT.java:150)
 at com.dstc.security.kerberos.gssapi.ImmortalTGT.checkTGT(ImmortalTGT.java:119)
 ... 26 more
Caused by: GSSException: Failure unspecified at GSS-API level (Mechanism level: com.dstc.security.kerberos.KerberosConfigException: Could not resolve KDC from DNS SRV record:  java.net.UnknownHostException: mem0200vldsts1.dstest.HULAMUBA.COM: mem0200vldsts1.dstest.HULAMUBA.COM)
 at com.dstc.security.kerberos.gssapi.GSSKrbException.create(GSSKrbException.java:208)
 at com.dstc.security.kerberos.gssapi.ImmortalTGT.checkTGT(ImmortalTGT.java:123)
 at com.dstc.security.kerberos.gssapi.GSSCredentialFactory.createImmortalTGT(GSSCredentialFactory.java:24)
 at com.wedgetail.idm.sso.util.ServerTGT.generateTGT(ServerTGT.java:81)
 at com.wedgetail.idm.sso.util.ServerTGT.getTGT(ServerTGT.java:56)
 at com.wedgetail.idm.sso.util.Util.checkAgainstKDC(Util.java:165)
 at com.wedgetail.idm.sso.AbstractAuthenticator.initAuthenticator2(AbstractAuthenticator.java:556)
 at com.wedgetail.idm.sso.AbstractAuthenticator.initAuthenticator(AbstractAuthenticator.java:325)
 at com.wedgetail.idm.sso.AuthFilter.init(AuthFilter.java:131)
 at com.hulamuba.rtr.authentication.qsj.FormsAuthFilter.init(FormsAuthFilter.java:217)
 at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:275)
 at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:397)
 at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:108)
 at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3696)
 at org.apache.catalina.core.StandardContext.start(StandardContext.java:4343)
 at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
 at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
 at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
 at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
 at org.apache.catalina.core.StandardService.start(StandardService.java:516)
 at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
 at org.apache.catalina.startup.Catalina.start(Catalina.java:566)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:585)
 at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
 at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Caused by: com.dstc.security.kerberos.KerberosConfigException: Could not resolve KDC from DNS SRV record:  java.net.UnknownHostException: mem0200vldsts1.dstest.HULAMUBA.COM: mem0200vldsts1.dstest.HULAMUBA.COM
 at com.dstc.security.kerberos.DefaultConfig.genKDCInfo(DefaultConfig.java:399)
 at com.dstc.security.kerberos.ActiveDirectorySitesConfig.getKdcs(ActiveDirectorySitesConfig.java:206)
 at com.dstc.security.kerberos.CustomConfig.getKdcs(CustomConfig.java:284)
 at com.dstc.security.kerberos.CustomConfig.getKdcs(CustomConfig.java:265)
 at com.dstc.security.kerberos.impl.DefaultKdcResolver.getKdc(DefaultKdcResolver.java:58)
 at com.dstc.security.kerberos.DefaultKerberosMessageHandler.send(DefaultKerberosMessageHandler.java:84)
 at com.dstc.security.kerberos.Kerberos.sendRequestToKDC(Kerberos.java:1832)
 at com.dstc.security.kerberos.Kerberos.getKrbASRepFromKDC(Kerberos.java:1105)
 at com.dstc.security.kerberos.Kerberos.requestInitialTicket(Kerberos.java:966)
 at com.dstc.security.kerberos.impl.CredentialUtil.getInitialCred(CredentialUtil.java:64)
 at com.dstc.security.kerberos.impl.CredentialUtil.getTicketGrantingTicket(CredentialUtil.java:41)
 at com.dstc.security.kerberos.gssapi.ImmortalTGT.generateTGT(ImmortalTGT.java:150)
 at com.dstc.security.kerberos.gssapi.ImmortalTGT.checkTGT(ImmortalTGT.java:119)
 ... 26 more
May 25, 2011 7:06:30 AM org.apache.catalina.core.StandardContext start
SEVERE: Error filterStart
May 25, 2011 7:06:30 AM org.apache.catalina.core.StandardContext start
SEVERE: Context [/RTR] startup failed due to previous errors
May 25, 2011 7:06:31 AM org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on http-8080
May 25, 2011 7:06:31 AM org.apache.jk.common.ChannelSocket init
INFO: JK: ajp13 listening on /0.0.0.0:8009
May 25, 2011 7:06:31 AM org.apache.jk.server.JkMain start
INFO: Jk running ID=0 time=0/63  config=null
May 25, 2011 7:06:31 AM org.apache.catalina.startup.Catalina start
INFO: Server startup in 10993 ms

When I call the page throught struts /pageme/numberUpdate.do, the isUserInRole( role ) function return false.
When I call the page using its name /pageme/numberUpdate.jsp, the isUserInRole( role ) function return true.

I just wonder if this issue tight to QSJ? (It always return TRUE before moving to use QSJ.)

Thanks

Hi experts!

I am newbie for VAS.

After installation of  VAS 3.5 on both server(windows server 2003) and client(redhat5.2) according to the manual,

I failed to login the linux client using a Unix enabled domain user :test

I try to run some troubleshooting commands, and get some information as below:

[root@redhat-head ~]# /opt/quest/bin/vastool user checklogin test
WARNING: NSS lookup (getpwnam) for user test failed, this will almost
certainly mean that you will be unable to log in with a username of test.
This should be fixed before worrying about any other failures.
##I checked /etc/nsswith.conf, and found everything is ok.

[root@redhat-head ~]# /opt/quest/bin/vastool nss getpwnam test
ERROR: Could not look up user for name: test, error = 2.

[root@redhat-head ~]# /opt/quest/bin/vastool info domain
test.com

[root@redhat-head ~]#/opt/quest/bin/vastool -u host/ attrs test uidnumber gidnumber unixhomedirectory loginshell userprincipalname DistinguishedName
ginshell userprincipalname DistinguishedName
distinguishedName: CN=test,OU=Unix,DC=pera-test,DC=com
userPrincipalName: test@test.com
uidNumber: 1000
gidNumber: 1000
unixHomeDirectory: /home/test
loginShell: /bin/bash

I can't  find where the problem is.

Any advise?

Thank in advance!

Seeing recent posts regarding vasproxyd, I thought i'd take a look, and think I may have a use for it, however, I am struggling with the setup of it.

I wish to use the vasproxyd to authenticate users via the AD to an svn server I have on centos linux, the vasclient is installed on the centos box.

so, I have set-up an my vas.conf :


[vasproxyd]
  svn = {
    listen-addrs = 127.0.0.1:10000
    enable-anonymous = false
    proxy-to-gc = true
  }
 
and I have an apache config which contains the lines (within the <Location tag):


AuthType Basic
      AuthName "Authorization Realm"
      AuthBasicProvider ldap
      AuthLDAPURL "ldap://127.0.0.1:10000"
      Require valid-user mikec 
   
I start the proxy with the command /opt/quest/libexec/vas/vasldapd -n svn -d -g3

and it starts up and correctly finds name service principles etc, but then when you try and authenticate to the svn, there are the following errors on the console :

2010-04-02 10:29:58: Proxy "svn" removing stale negative search cache entries
2010-04-02 10:29:59: Proxy "svn" handling protoop 60. (msgid 1)
2010-04-02 10:29:59: rqstrply_blocking_ldap_handler: Handling bind request
2010-04-02 10:29:59: rqstrply_blocking_bind_handler: Disallowed anonymous bind
2010-04-02 10:29:59: Dumping buffer of length 57:
2010-04-02 10:29:59:  0x30 '0'  0x37 '7'  0x02 ' '  0x01 ' '  0x01 ' '  0x61 'a'  0x32 '2'  0x0a ' '  0x01 ' '  0x31 '1'  0x04 ' '
2010-04-02 10:29:59:  0x00 ' '  0x04 ' '  0x2b '+'  0x76 'v'  0x61 'a'  0x73 's'  0x70 'p'  0x72 'r'  0x6f 'o'  0x78 'x'
2010-04-02 10:29:59:  0x79 'y'  0x64 'd'  0x3a ':'  0x20 ' '  0x61 'a'  0x6e 'n'  0x6f 'o'  0x6e 'n'  0x79 'y'  0x6d 'm'
2010-04-02 10:29:59:  0x6f 'o'  0x75 'u'  0x73 's'  0x20 ' '  0x62 'b'  0x69 'i'  0x6e 'n'  0x64 'd'  0x73 's'  0x20 ' '
2010-04-02 10:29:59:  0x61 'a'  0x72 'r'  0x65 'e'  0x20 ' '  0x6e 'n'  0x6f 'o'  0x74 't'  0x20 ' '  0x61 'a'  0x6c 'l'
2010-04-02 10:29:59:  0x6c 'l'  0x6f 'o'  0x77 'w'  0x65 'e'  0x64 'd'  0x2e '.'
2010-04-02 10:29:59: rqstrply_blocking_ldap_handler: Successfully sent response to requestor.
2010-04-02 10:29:59: Proxy "svn" handling protoop 42. (msgid 2)
2010-04-02 10:29:59: rqstrply_blocking_ldap_handler: Handling unbind request
2010-04-02 10:29:59: Proxy "svn" LDAP error. No LDAP error string defined for LDAP error code: 53. Marking connection to 127.0.0.1 for closure.

which ties in with the apache error log which show :

[Fri Apr 02 10:30:02 2010] [warn] [client xxx.xxx.xxx.xxx] [30780] auth_ldap authenticate: user mikec authentication failed; URI /svnl [LDAP: ldap_simple_bind_s() failed][Invalid credentials]
[Fri Apr 02 10:30:02 2010] [error] [client xxx.xxx.xxx.xxx] user mikec: authentication failure for "/svnl": Password Mismatch

but my credentials and password are not incorrect, I think theres just something small wrong, has anyone spotted it and could point it out?

thanks.

I am new to Kerberos.  When attempting to build a Kerberos credential, I call:

com.dstc.security.kerberos.winSSPI.WinSSPIGSSManager.getInstance();

For some people this causes:

Caused by: GSSException: Failure unspecified at GSS-API level

at com.dstc.security.kerberos.winSSPI.WinSSPIGSSManager.<init>(WinSSPIGSSManager.java:86)

at com.dstc.security.kerberos.winSSPI.WinSSPIGSSManager.getInstance(WinSSPIGSSManager.java:109)

... 33 more

Caused by: com.dstc.security.kerberos.winSSPI.SSPIException: WinSSPI not supported on this platform (Windows XP)

at com.dstc.security.kerberos.winSSPI.SSPI.initialize(SSPI.java:304)

at com.dstc.security.kerberos.winSSPI.WinSSPIGSSManager.<init>(WinSSPIGSSManager.java:84)

... 34 more

For others, it works fine.  I have also seen "WinSSPI not supported on this platform (Windows 7)" on Windows 7 machines.

What does that error indicate?  Where can I begin debugging?

We have an AD group 'foo'.  User Abe is added to it using AD tools.

I cannot see this user in the group using vastool on Solaris.  And of course the user cannot login.

$ vastool list groups | grep foo

foo:VAS:2010:john.doe@na.company.com,harry.who@na.company.com

$

I've executed vastool flush to no affect.

What am I doing wrong?

If there are any other customers that would like to test out the 4.1 pre-release, please email glen.davis@quest.com for more information.  You can

test by putting the new agents on some Servers, or using the updated management tools, or both. 

Thanks,

Glen Davis

Product Manager

I'm using Wyse T50 with brazilian ABNT2 keyboard(pt-BR) and the key "."(point) in numeric keyboard does work inside rdpclient. It works fine with console and other apps outside rdpclient but not inside. Using rdpclient with parameter --lx-debug helped to get the keycode 0x79 but I do not how to fix it. I installed Remmina/Rdesktop and all the keys works fine, so I guess the problem is with Wyse-rdpclient/RDP.

Any idea?

Thanks in advance

Is there a Quest product that is equivalent to CF engine?

Thanks

Steve