RH-SSO Kerberos Authentication Error: SPNEGO login failed: java.security.PrivilegedActionException: GSSException: Failure unspecified at GSS-API level (Mechanism level: Checksum failed)

Solution Verified - Updated 2024-07-17T20:33:31+00:00 -

Issue

When trying to authenticate users using a Kerberos keytab on an Active Directory User federation, all GSSAPI authentications result in a checksum failure

WARN  [org.keycloak.federation.kerberos.impl.SPNEGOAuthenticator] (executor-thread-1) SPNEGO login failed: java.security.PrivilegedActionException: GSSException: Failure unspecified at GSS-API level (Mechanism level: Checksum failed)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:716)
at java.base/javax.security.auth.Subject.doAs(Subject.java:439)

Environment

Red Hat build of Keycloak(RHBK)
- 22.x
Operator

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Select Your Language

RH-SSO Kerberos Authentication Error: SPNEGO login failed: java.security.PrivilegedActionException: GSSException: Failure unspecified at GSS-API level (Mechanism level: Checksum failed)

Issue

Environment

Subscriber exclusive content

Current Customers and Partners

New to Red Hat?

Using a Red Hat product through a public cloud?

Quick Links

Help

Site Info

Related Sites

About

Red Hat legal and privacy links

Red Hat legal and privacy links

Issue

Environment

Subscriber exclusive content

Current Customers and Partners

New to Red Hat?

Using a Red Hat product through a public cloud?

Quick Links

Help

Site Info

Related Sites

Systems Status

About

Red Hat legal and privacy links

Red Hat legal and privacy links