Consider the following when troubleshooting problems with Kerberos security:
The Java reference implementation supports only the DES encryption type. You must configure your Active Directory and KDC principals to use DES encryption.
The value of the SERVICE_PRINCIPAL_NAME property must be set to the same name you specify with the -s option when you start your data server.
Check the krb5.conf and krb5.ini files. For CyberSafe clients, check the krb.conf and krb.realms files or DNS SRV records.
You can set the debug property to “true” in the JAAS login configuration file.
You can set the debug property to “true” at the command line:
-Dsun.security.krb5.debug=true
The JAAS login configuration file provides several options that you can set for your particular needs. For information about JAAS and the Java GSS API, refer to:
