• Post Reply Bookmark Topic Watch Topic
  • New Topic

Kerberos authentication with Proxy server is failing with JRE 1.6.0_30  RSS feed

Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
In our project we need to communicate to a URL on internet through a proxy server. The proxy server has kerberos authentication integrated with an Active Directory.
When I try to communicate to the URL through a proxy server, using JRE 1.6.0_30, the client is redirected 20 times and finally "java.net.ProtocolException: Server redirected too many times (20)" error comes. On the other hand when same program is run with JRE 1.6.0_33/1.6.0_37, the communication with the internet URL through proxy server is successful. Can any body please tell me if there was a bug fix related to kerberos authentication in JRE 1.6._30 or is there any mistake in program?

Following is the program I am using:

public class TestConnectionThroughProxy {
public static void main(String[] args) throws IOException {
TestConnectionThroughProxy test = new TestConnectionThroughProxy();

private static class MyAuthenticator extends Authenticator {
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication("domainuser", "domainpassword".toCharArray());

private void test() throws IOException {
System.setProperty("java.security.krb5.conf", "krb5.ini");
System.setProperty("java.security.auth.login.config", "spNegoLogin.conf");
System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
System.setProperty("sun.security.krb5.debug", "true");

Authenticator.setDefault(new MyAuthenticator());

SocketAddress socketAddr = new InetSocketAddress("proxyserver.testdomain.local", 3128);
Proxy proxy = new Proxy(Proxy.Type.HTTP, socketAddr);

URL url = new URL("http://www.google.com");
URLConnection conn = url.openConnection(proxy);
InputStream is = conn.getInputStream();
BufferedReader reader = new BufferedReader(new InputStreamReader(is));
char[] c = new char[1024];
int i = 0;
StringBuilder builder = new StringBuilder();
while((i = reader.read(c)) >= 0) {
builder.append(c, 0, i);

krb5.ini file:

default_realm = TESTDOMAIN.LOCAL
default_tkt_enctypes = aes128-cts-hmac-sha1-96,rc4-hmac,aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha1-96
default_tgs_enctypes = rc4-hmac,aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha1-96
forwardable = true
kdc = adserver.testdomain.local:88
testdomain.local = TESTDOMAIN.LOCAL
.testdomain.local = TESTDOMAIN.LOCAL


com.sun.security.jgss.krb5.initiate {
com.sun.security.auth.module.Krb5LoginModule required doNotPrompt=false useTicketCache=false;

Please help us in finding the reason of problem.
Thank You,
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!