IE throws Unauthorized error

Dec 15, 2010 at 1:47 PM

Hi,

I am able authenticate in Firefox ,but IE throws authentication error.I have configured my by below configuration but it doesn't.

In the Internet Explorer window,
    click Tools > Internet Options > Security tab.
  Select the Local intranet icon and click Sites.
  In the Local intranet window, ensure that the "check box"
   to include all local (intranet) not listed in
   other zones is selected, then click Advanced.
  In the Local intranet window, fill in the Add this Web site
   to the zone field with the Web address of the host name
   so that the single sign-on (SSO) can be enabled
   to the list Web sites shown in the Web sites field.
   Your site information technology staff provides this information.
  Click OK to complete this step and close the Local intranet window.
  On the Internet Options window, click the Advanced tab and scroll
   to Security settings.
 
  IE Menu Tools/Internet Options,  Tab Security.
  Button aAdvanced..
  User authentication:/logon/Automatic logon only on intranet zone
 
  IE Menu Tools/Internet Options, Tab Advanced 
  Enable Integrated Windows Authentication

Coordinator
Dec 17, 2010 at 6:13 PM
Edited Dec 18, 2010 at 2:56 AM

Hello,

I think it is a problem of configuration of IE.
Is IE on a server or on a workstation? Waht is the OS? What is the version of IE?
Are the client and the server on the same domain?
What is the domain of the server? What is the request?

 Dominique

 

Dec 20, 2010 at 5:02 AM

Hi,

Thanks for the reply.

IE on my workstation.Both local machine and Remote machine.

Windows server version 2008.

IE -8.Yes all the client are in same domain.

 

Thanks

 

Dec 21, 2010 at 9:05 AM

Hi,

For your more info ..see the log details while accessing from IE 8. I have marked the red color authentication failed .

 

############ Log Details #################

Dec 21, 2010 10:00:48 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: Entry in  authenticate. Principal does not exist or the browser send the header Authorization: authentication is required
Dec 21, 2010 10:00:48 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: realm : fr.doume.v2.realm.WindowsRealm@3115be0c
Dec 21, 2010 10:00:48 AM fr.doume.v2.authenticator.SSPAuthenticator getTranslationRolesIntoSids
FINE: get the instance of the current TranslationRolesIntoSids from the Context
Dec 21, 2010 10:00:49 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: Entry in  authenticate. Principal does not exist or the browser send the header Authorization: authentication is required
Dec 21, 2010 10:00:49 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: realm : fr.doume.v2.realm.WindowsRealm@3115be0c
Dec 21, 2010 10:00:49 AM fr.doume.v2.authenticator.SSPAuthenticator getTranslationRolesIntoSids
FINE: get the instance of the current TranslationRolesIntoSids from the Context
Dec 21, 2010 10:00:49 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: before getSSPAuthentication
Dec 21, 2010 10:00:49 AM fr.doume.v2.authenticator.SSPAuthenticator getSSPAuthentication
FINE: Create a new instance of SSPIAuthentification
Dec 21, 2010 10:00:49 AM fr.doume.v2.sspi.SSPAuthentication <init>
FINE: **********************************************New SSPAuthentification!!!
Dec 21, 2010 10:00:49 AM fr.doume.v2.authenticator.SSPAuthenticator getHeaderAuthorizationAndSetWWW_Authenticate
FINE: authentication SPNEGO: remote address: 192.168.1.1
Dec 21, 2010 10:00:49 AM fr.doume.v2.authenticator.SSPAuthenticator getHeaderAuthorizationAndSetWWW_Authenticate
FINE: Token received from the client: Negotiate TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAbAdAAAADw==
Dec 21, 2010 10:00:49 AM fr.doume.v2.authenticator.SSPAuthenticator fromAuthorizationToWwwAuthenticate
FINE: Authorization != null && Authorization starts With NEGOTIATE
Dec 21, 2010 10:00:49 AM fr.doume.v2.authenticator.SSPAuthenticator fromAuthorizationToWwwAuthenticate
FINE: count of bytes received from the client: 56
Dec 21, 2010 10:00:49 AM fr.doume.v2.base64.Base64 decodeFrom64
FINE: count of received bytes 56
Dec 21, 2010 10:00:49 AM fr.doume.v2.base64.Base64 decodeFrom64
FINE: count of received bytes after verification 56
Dec 21, 2010 10:00:49 AM fr.doume.v2.base64.Base64 decodeFrom64
FINE: Count of 4-tuples : 14
Dec 21, 2010 10:00:49 AM fr.doume.v2.base64.Base64 decodeFrom64
FINE: length_base255 : (Count of bytes after the translation)40
Dec 21, 2010 10:00:49 AM fr.doume.v2.authenticator.SSPAuthenticator fromAuthorizationToWwwAuthenticate
FINE: Count of decoded bytes received from the client after the translation from Base 64 : 40
Dec 21, 2010 10:00:49 AM fr.doume.v2.authenticator.SSPAuthenticator fromInitSecSecurityToAcceptSecurity
FINE: before sspauth.acceptSecContext
Dec 21, 2010 10:00:49 AM fr.doume.v2.sspi.SSPAuthentication acceptSecContext
FINE: Count of sids given by TraduireNomsEnSids : 3
Dec 21, 2010 10:00:49 AM fr.doume.v2.sspi.SSPAuthentication communicateWithNegoServer
FINE: token length :40
Dec 21, 2010 10:00:49 AM fr.doume.v2.sspi.ConnectionTcpPool getSocket
FINE: Element is not null
Dec 21, 2010 10:00:49 AM fr.doume.v2.sspi.ConnectionTcpPool getSocket
FINE: A socket removed from the list
Dec 21, 2010 10:00:49 AM fr.doume.v2.sspi.SSPAuthentication communicateWithNegoServer
FINE: Try to reuse the connection!!!
Dec 21, 2010 10:00:49 AM fr.doume.v2.sspi.SSPAuthentication communicateWithNegoServer
FINE: First loop position : 5
Dec 21, 2010 10:00:49 AM fr.doume.v2.sspi.SSPAuthentication communicateWithNegoServer
FINE: Size of the answer  204
Dec 21, 2010 10:00:49 AM fr.doume.v2.sspi.SSPAuthentication communicateWithNegoServer
FINE: Second loop position : 204
Dec 21, 2010 10:00:49 AM fr.doume.v2.sspi.SSPAuthentication communicateWithNegoServer
FINE: Sizeof tokenToClient : 204
Dec 21, 2010 10:00:49 AM fr.doume.v2.sspi.CancelConnectionForNTLM <init>
FINE: A new CancelConnectionForNTLM
Dec 21, 2010 10:00:49 AM fr.doume.v2.sspi.SSPAuthentication acceptSecContext
FINE: Cont of bytes of tokenToClient : 204
Dec 21, 2010 10:00:49 AM fr.doume.v2.authenticator.SSPAuthenticator fromInitSecSecurityToAcceptSecurity
FINE: count of bytes received from acceptSecContext : 204
Dec 21, 2010 10:00:49 AM fr.doume.v2.authenticator.SSPAuthenticator fromInitSecSecurityToAcceptSecurity
FINE: Another cycle initSecContext/acceptSecContext is required
Dec 21, 2010 10:00:49 AM fr.doume.v2.authenticator.SSPAuthenticator fromAuthorizationToWwwAuthenticate
FINE: count of bytes sent to the client: 204
Dec 21, 2010 10:00:49 AM fr.doume.v2.authenticator.SSPAuthenticator fromAuthorizationToWwwAuthenticate
FINE: count of bytes sent (base 64) to the client : 272
Dec 21, 2010 10:00:49 AM fr.doume.v2.authenticator.SSPAuthenticator getHeaderAuthorizationAndSetWWW_Authenticate
FINE: Sending response token: {}Negotiate TlRMTVNTUAACAAAABgAGADgAAAAVgonimlUcjdAW5OQAAAAAAAAAAI4AjgA+AAAABgByFwAAAA9QAEgAWAACAAYAUABIAFgAAQAcAFMATgAxAFAATQBYAFAAQwBUADAANgBXADMANAAEAA4AcABoAHgALgBnAGIAbAADACwAUwBOADEAUABNAFgAUABDAFQAMAA2AFcAMwA0AC4AcABoAHgALgBnAGIAbAAFAA4AcABoAHgALgBnAGIAbAAHAAgAcmSu8fWgywEAAAAA
Dec 21, 2010 10:00:49 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: Authentication is neither failed nor established: Another round between the client and the server is required
Dec 21, 2010 10:00:49 AM fr.doume.v2.authenticator.SSPAuthenticator setSSPAuthenticationInSession
FINE: set SSPAuthentication in a session
Dec 21, 2010 10:00:50 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: Entry in  authenticate. Principal does not exist or the browser send the header Authorization: authentication is required
Dec 21, 2010 10:00:50 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: realm : fr.doume.v2.realm.WindowsRealm@3115be0c
Dec 21, 2010 10:00:50 AM fr.doume.v2.authenticator.SSPAuthenticator getTranslationRolesIntoSids
FINE: get the instance of the current TranslationRolesIntoSids from the Context
Dec 21, 2010 10:00:51 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: Entry in  authenticate. Principal does not exist or the browser send the header Authorization: authentication is required
Dec 21, 2010 10:00:51 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: realm : fr.doume.v2.realm.WindowsRealm@3115be0c
Dec 21, 2010 10:00:51 AM fr.doume.v2.authenticator.SSPAuthenticator getTranslationRolesIntoSids
FINE: get the instance of the current TranslationRolesIntoSids from the Context
Dec 21, 2010 10:00:51 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: before getSSPAuthentication
Dec 21, 2010 10:00:51 AM fr.doume.v2.authenticator.SSPAuthenticator getHeaderAuthorizationAndSetWWW_Authenticate
FINE: authentication SPNEGO: remote address: 122.165.64.241
Dec 21, 2010 10:00:51 AM fr.doume.v2.authenticator.SSPAuthenticator getHeaderAuthorizationAndSetWWW_Authenticate
FINE: Token received from the client: Negotiate TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAbAdAAAADw==
Dec 21, 2010 10:00:51 AM fr.doume.v2.authenticator.SSPAuthenticator fromAuthorizationToWwwAuthenticate
FINE: Authorization != null && Authorization starts With NEGOTIATE
Dec 21, 2010 10:00:51 AM fr.doume.v2.authenticator.SSPAuthenticator fromAuthorizationToWwwAuthenticate
FINE: count of bytes received from the client: 56
Dec 21, 2010 10:00:51 AM fr.doume.v2.base64.Base64 decodeFrom64
FINE: count of received bytes 56
Dec 21, 2010 10:00:51 AM fr.doume.v2.base64.Base64 decodeFrom64
FINE: count of received bytes after verification 56
Dec 21, 2010 10:00:51 AM fr.doume.v2.base64.Base64 decodeFrom64
FINE: Count of 4-tuples : 14
Dec 21, 2010 10:00:51 AM fr.doume.v2.base64.Base64 decodeFrom64
FINE: length_base255 : (Count of bytes after the translation)40
Dec 21, 2010 10:00:51 AM fr.doume.v2.authenticator.SSPAuthenticator fromAuthorizationToWwwAuthenticate
FINE: Count of decoded bytes received from the client after the translation from Base 64 : 40
Dec 21, 2010 10:00:51 AM fr.doume.v2.authenticator.SSPAuthenticator fromInitSecSecurityToAcceptSecurity
FINE: before sspauth.acceptSecContext
Dec 21, 2010 10:00:51 AM fr.doume.v2.sspi.SSPAuthentication communicateWithNegoServer
FINE: token length :40
Dec 21, 2010 10:00:51 AM fr.doume.v2.sspi.CancelConnectionForNTLM cancel
FINE: A Timer for ConnectionForNTLM has been canceled
Dec 21, 2010 10:00:51 AM fr.doume.v2.sspi.SSPAuthentication communicateWithNegoServer
FINE: First loop position : 5
Dec 21, 2010 10:00:51 AM fr.doume.v2.sspi.SSPAuthentication communicateWithNegoServer
FINE: Size of the answer  8
Dec 21, 2010 10:00:51 AM fr.doume.v2.sspi.SSPAuthentication communicateWithNegoServer
FINE: Second loop position : 8
Dec 21, 2010 10:00:51 AM fr.doume.v2.sspi.SSPAuthentication acceptSecContext
FINE: Cont of bytes of tokenToClient : 1
Dec 21, 2010 10:00:51 AM fr.doume.v2.sspi.SSPAuthentication acceptSecContext
FINE: Error in AcceptSecContext : Error between tomcat and NegotiateStream!
Dec 21, 2010 10:00:51 AM fr.doume.v2.authenticator.SSPAuthenticator fromInitSecSecurityToAcceptSecurity
FINE: SSPIAuthentication : Error between tomcat and NegotiateStream!
Dec 21, 2010 10:00:51 AM fr.doume.v2.authenticator.SSPAuthenticator fromInitSecSecurityToAcceptSecurity
FINE: array of bytes sent by acceptSecContext (SSPI server) is null
Dec 21, 2010 10:00:51 AM fr.doume.v2.authenticator.SSPAuthenticator fromAuthorizationToWwwAuthenticate
FINE:  The array of bytes sent by SSPI == null
Dec 21, 2010 10:00:51 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: authentication is failed

Dec 21, 2010 at 9:35 AM

Hi,

Log details from NegoServer .

######## Negoserver Log ###############

 DateTime=2010-12-21T10:07:51.5313071Z
Server Verbose: 57315 : To a new request with a new connection TCP
    DateTime=2010-12-21T10:08:02.9434482Z
Server Verbose: 57315 : Before TranslationOrAuthenticate
    DateTime=2010-12-21T10:08:02.9474486Z
State Verbose: 57315 : Buf len : 1
    DateTime=2010-12-21T10:08:02.9514490Z
State Verbose: 57315 : Buf offset 0
    DateTime=2010-12-21T10:08:02.9524491Z
State Verbose: 57315 : Buf remaining 1
    DateTime=2010-12-21T10:08:02.9524491Z
Server Verbose: 57315 : In TranslationOrAuthenticate
    DateTime=2010-12-21T10:08:02.9584497Z
Server Verbose: 57315 : Buffer.length1
    DateTime=2010-12-21T10:08:02.9584497Z
Server Verbose: 57315 : ConnectionType.Authentication
    DateTime=2010-12-21T10:08:02.9584497Z
AsynchronousAuthenticatingTcpListener Verbose: 57315 : NOT onlykerberos
    DateTime=2010-12-21T10:08:02.9624501Z
AsynchronousAuthenticatingTcpListener Verbose: 57315 : Ending authentication.
    DateTime=2010-12-21T10:08:04.7446283Z
ClientState Verbose: 57315 : A call to SSPI failed, see inner exception.    at System.Net.Security.NegoState.EndProcessAuthentication(IAsyncResult result)
   at httpToNegotiateStream.AsynchronousAuthenticatingTcpListener.EndAuthenticate(IAsyncResult ar)
    DateTime=2010-12-21T10:08:04.7496288Z
ClientState Verbose: 57315 : Authenticatde stream closed
    DateTime=2010-12-21T10:08:04.7526291Z
ClientState Verbose: 57315 : Connection closed
    DateTime=2010-12-21T10:08:04.7526291Z

Coordinator
Dec 27, 2010 at 12:26 PM

Hello,

You have a client with the address 192.168.1.1. At 10:00:49,  you can see on the log:
before getSSPAuthentication, and then,  Create a new instance of SSPIAuthentification. (Authentification is authentication in french. SSPAuthentification is the old name of SSPAuthentication).
The address of your client is given after: remote address: 192.168.1.1

Your client use NTLM:
Token received from the client: Negotiate TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAbAdAAAADw==

The server send a response and in the log, you find, because you use NTLM:
Authentication is neither failed nor established: Another round between the client and the server is required.
So, the instance of SSPAuthentication is set ins the session: in the log, you find: set SSPAuthentication in a session

After, at 10:01:51 you find
before getSSPAuthentication. But there is not a new SSSPAuthentication. So the SSPAuthentication is found in the session.
But the remote address is now: remote address: 122.165.64.241. The client send:
Token received from the client: Negotiate TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAbAdAAAADw==

The session cookie is sent by tomcat to the client (10:00:49) with he address 192.168.1.1. The client send this cookie(10:00:50), so tomcat find the SSPAuthentication in the session.
But the client is doing a new authentication and the address is not the same. The address of the client is now 122..x.x.  It is very curious.

Did you delete lines in the log? Have you 2 addresses on your client?

Remark: The log of Negoserver and tomcat do not give the same time. Are they on the same server?

Uncomment the RequestDumperValve in the server.xml. So, tomcat log the header received and sent. Test and send again the content of server.xml.

Dominique



 

Coordinator
Dec 30, 2010 at 12:17 PM

Hello,

The service Tomcat is running on Windows with Negoserver.

IE choose NTLM. A browser choose Kerberos if:

  • Negoserver is running on the same computer than Tomcat
  • Negoserver is running as a service with th account SYSTEM or Network Service
  • The browser is NOT running on the same computer than Tomcat and Negoserver
  • The url of the queries do not use the address of the tomcat server but the name(Netbios or DNS name)

Dominique

Dec 30, 2010 at 12:33 PM

Thanks for the reply. Answers are in red

The service Tomcat is running on Windows with Negoserver. --- Yes tomcat running on Windows with Negoserver

IE choose NTLM. A browser choose Kerberos if:

  • Negoserver is running on the same computer than Tomcat   ---- Yes,both running on same machine
  • Negoserver is running as a service with th account SYSTEM or Network Service --- Yes,Negoserver running as SYSTEM Account
  • The browser is NOT running on the same computer than Tomcat and Negoserver ---- Yes,Browser from other server.
  • The url of the queries do not use the address of the tomcat server but the name(Netbios or DNS name)---- I am using DNS name of Tomcat server

 

Thanks

Babu

Coordinator
Jan 4, 2011 at 5:39 PM

Hello,

I installed 3 windows 2008 x86 on virtual pc.

  • A domain controller ad2008, of the domain test.org, with the address 172.16.0.90. I added a user clientspnego.
  • A server tomcat 7.0.2 server2008, member of the domain test.org, with the address 172.16.0.91. I installed Negoserver, the application authbysspiv2 and copy the file frdoumesspitc7v2.jar in the directory lib.
  • Ngeoserver run as a service on server2008 with the account SYSTEM
  • A client client 2008, member of test.org, with the address 172.16.0.92. I added *://*.test.org  and *://172.16.*.* to the the local intranet

On client2008, with the account TEST\clientspnego, and the request http://server2008.test.org/authbysspiv2 , the user is authenticated with Kerberos. With the request http://172.16.0.91/authbysspiv2, the user is authenticated with NTLM.

If you installed tomcat6, you can uncomment the valve RequestDumperValve in the file conf/server.xml and then test with Firefox and IE. if you send the content of the file catalina.log, i will be able to help you.

Dominique 

Jan 8, 2011 at 7:20 AM

Hi,

Please find the RequestDumperValve Info log

 

Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: REQUEST URI       =/
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           authType=null
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:  characterEncoding=null
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:      contentLength=0
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        contentType=null
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        contextPath=
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=host=pmese.com
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=user-agent=Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.11) Gecko/20101013 Ubuntu/9.04 (jaunty) Firefox/3.6.11
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=accept=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Accept-Language=en-us,en;q=0.5
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Accept-Encoding=gzip,deflate
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Accept-Charset=ISO-8859-1,utf-8;q=0.7,*;q=0.7
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Keep-Alive=115
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=connection=keep-alive
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=content-length=0
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             locale=en_US
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             method=GET
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           pathInfo=null
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           protocol=HTTP/1.1
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        queryString=null
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteAddr=192.168.1.1
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteHost=192.168.1.1
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteUser=null
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: requestedSessionId=null
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             scheme=https
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         serverName=pmese.com
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         serverPort=443
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        servletPath=//jsp/RadaptiveIndex.jsp
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           isSecure=true
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: ---------------------------------------------------------------
Jan 8, 2011 7:26:15 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: Entry in  authenticate. Principal does not exist or the browser send the header Authorization: authentication is required
Jan 8, 2011 7:26:15 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: realm : fr.doume.v2.realm.WindowsRealm@87ad6f2
Jan 8, 2011 7:26:15 AM fr.doume.v2.authenticator.SSPAuthenticator getTranslationRolesIntoSids
FINE: get the instance of the current TranslationRolesIntoSids from the Context
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: ---------------------------------------------------------------
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           authType=null
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:      contentLength=-1
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        contentType=text/html;charset=utf-8
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Pragma=No-cache
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Cache-Control=no-cache
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Expires=Thu, 01 Jan 1970 00:00:00 GMT
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=WWW-Authenticate=Negotiate
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:            message=null
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteUser=null
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             status=401
Jan 8, 2011 7:26:15 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: ===============================================================
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: REQUEST URI       =/favicon.ico
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           authType=null
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:  characterEncoding=null
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:      contentLength=0
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        contentType=null
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        contextPath=
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=host=pmese.com
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=user-agent=Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.11) Gecko/20101013 Ubuntu/9.04 (jaunty) Firefox/3.6.11
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=accept=image/png,image/*;q=0.8,*/*;q=0.5
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Accept-Language=en-us,en;q=0.5
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Accept-Encoding=gzip,deflate
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Accept-Charset=ISO-8859-1,utf-8;q=0.7,*;q=0.7
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Keep-Alive=115
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=connection=keep-alive
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=content-length=0
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             locale=en_US
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             method=GET
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           pathInfo=null
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           protocol=HTTP/1.1
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        queryString=null
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteAddr=192.168.1.1
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteHost=192.168.1.1
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteUser=null
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: requestedSessionId=null
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             scheme=https
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         serverName=pmese.com
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         serverPort=443
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        servletPath=/favicon.ico
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           isSecure=true
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: ---------------------------------------------------------------
Jan 8, 2011 7:26:17 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: Entry in  authenticate. Principal does not exist or the browser send the header Authorization: authentication is required
Jan 8, 2011 7:26:17 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: realm : fr.doume.v2.realm.WindowsRealm@87ad6f2
Jan 8, 2011 7:26:17 AM fr.doume.v2.authenticator.SSPAuthenticator getTranslationRolesIntoSids
FINE: get the instance of the current TranslationRolesIntoSids from the Context
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: ---------------------------------------------------------------
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           authType=null
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:      contentLength=-1
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        contentType=text/html;charset=utf-8
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Pragma=No-cache
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Cache-Control=no-cache
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Expires=Thu, 01 Jan 1970 00:00:00 GMT
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=WWW-Authenticate=Negotiate
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:            message=null
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteUser=null
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             status=401
Jan 8, 2011 7:26:17 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: ===============================================================
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: REQUEST URI       =/favicon.ico
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           authType=null
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:  characterEncoding=null
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:      contentLength=0
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        contentType=null
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        contextPath=
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=host=pmese.com
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=user-agent=Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.11) Gecko/20101013 Ubuntu/9.04 (jaunty) Firefox/3.6.11
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=accept=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Accept-Language=en-us,en;q=0.5
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Accept-Encoding=gzip,deflate
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Accept-Charset=ISO-8859-1,utf-8;q=0.7,*;q=0.7
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Keep-Alive=115
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=connection=keep-alive
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=content-length=0
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             locale=en_US
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             method=GET
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           pathInfo=null
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           protocol=HTTP/1.1
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        queryString=null
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteAddr=192.168.1.1
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteHost=192.168.1.1
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteUser=null
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: requestedSessionId=null
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             scheme=https
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         serverName=pmese.com
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         serverPort=443
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        servletPath=/favicon.ico
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           isSecure=true
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: ---------------------------------------------------------------
Jan 8, 2011 7:26:22 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: Entry in  authenticate. Principal does not exist or the browser send the header Authorization: authentication is required
Jan 8, 2011 7:26:22 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: realm : fr.doume.v2.realm.WindowsRealm@87ad6f2
Jan 8, 2011 7:26:22 AM fr.doume.v2.authenticator.SSPAuthenticator getTranslationRolesIntoSids
FINE: get the instance of the current TranslationRolesIntoSids from the Context
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: ---------------------------------------------------------------
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           authType=null
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:      contentLength=-1
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        contentType=text/html;charset=utf-8
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Pragma=No-cache
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Cache-Control=no-cache
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Expires=Thu, 01 Jan 1970 00:00:00 GMT
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=WWW-Authenticate=Negotiate
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:            message=null
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteUser=null
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             status=401
Jan 8, 2011 7:26:22 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: ===============================================================
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: REQUEST URI       =/
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           authType=null
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:  characterEncoding=null
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:      contentLength=0
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        contentType=null
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        contextPath=
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             cookie=JSESSIONID=5229497AE048B458FC2F0A7A61B0ABA9.rad
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=accept=*/*
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Accept-Language=en-us
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=user-agent=Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; MS-RTC LM 8; InfoPath.2; .NET4.0C)
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Accept-Encoding=gzip, deflate
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=host=pmese.com
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=connection=Keep-Alive
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=cookie=JSESSIONID=5229497AE048B458FC2F0A7A61B0ABA9.rad
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=content-length=0
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             locale=en_US
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             method=GET
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           pathInfo=null
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           protocol=HTTP/1.1
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        queryString=null
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteAddr=192.168.1.1
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteHost=192.168.1.1
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteUser=null
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: requestedSessionId=5229497AE048B458FC2F0A7A61B0ABA9.rad
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             scheme=https
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         serverName=pmese.com
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         serverPort=443
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        servletPath=//jsp/RadaptiveIndex.jsp
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           isSecure=true
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: ---------------------------------------------------------------
Jan 8, 2011 7:26:29 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: Entry in  authenticate. Principal does not exist or the browser send the header Authorization: authentication is required
Jan 8, 2011 7:26:29 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: realm : fr.doume.v2.realm.WindowsRealm@87ad6f2
Jan 8, 2011 7:26:29 AM fr.doume.v2.authenticator.SSPAuthenticator getTranslationRolesIntoSids
FINE: get the instance of the current TranslationRolesIntoSids from the Context
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: ---------------------------------------------------------------
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           authType=null
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:      contentLength=-1
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        contentType=text/html;charset=utf-8
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Pragma=No-cache
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Cache-Control=no-cache
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Expires=Thu, 01 Jan 1970 00:00:00 GMT
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=WWW-Authenticate=Negotiate
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:            message=null
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteUser=null
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             status=401
Jan 8, 2011 7:26:29 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: ===============================================================
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: REQUEST URI       =/
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           authType=null
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:  characterEncoding=null
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:      contentLength=0
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        contentType=null
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        contextPath=
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             cookie=JSESSIONID=5229497AE048B458FC2F0A7A61B0ABA9.rad
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=accept=*/*
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Accept-Language=en-us
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=user-agent=Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; MS-RTC LM 8; InfoPath.2; .NET4.0C)
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Accept-Encoding=gzip, deflate
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=host=pmese.com
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=connection=Keep-Alive
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=authorization=Negotiate TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAbAdAAAADw==
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=cookie=JSESSIONID=5229497AE048B458FC2F0A7A61B0ABA9.rad
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=content-length=0
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             locale=en_US
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             method=GET
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           pathInfo=null
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           protocol=HTTP/1.1
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        queryString=null
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteAddr=192.168.1.1
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteHost=192.168.1.1
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteUser=null
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: requestedSessionId=5229497AE048B458FC2F0A7A61B0ABA9.rad
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             scheme=https
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         serverName=pmese.com
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         serverPort=443
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        servletPath=//jsp/RadaptiveIndex.jsp
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           isSecure=true
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: ---------------------------------------------------------------
Jan 8, 2011 7:26:32 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: Entry in  authenticate. Principal does not exist or the browser send the header Authorization: authentication is required
Jan 8, 2011 7:26:32 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: realm : fr.doume.v2.realm.WindowsRealm@87ad6f2
Jan 8, 2011 7:26:32 AM fr.doume.v2.authenticator.SSPAuthenticator getTranslationRolesIntoSids
FINE: get the instance of the current TranslationRolesIntoSids from the Context
Jan 8, 2011 7:26:32 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: before getSSPAuthentication
Jan 8, 2011 7:26:32 AM fr.doume.v2.authenticator.SSPAuthenticator getHeaderAuthorizationAndSetWWW_Authenticate
FINE: authentication SPNEGO: remote address: 192.168.1.1
Jan 8, 2011 7:26:32 AM fr.doume.v2.authenticator.SSPAuthenticator getHeaderAuthorizationAndSetWWW_Authenticate
FINE: Token received from the client: Negotiate TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAbAdAAAADw==
Jan 8, 2011 7:26:32 AM fr.doume.v2.authenticator.SSPAuthenticator fromAuthorizationToWwwAuthenticate
FINE: Authorization != null && Authorization starts With NEGOTIATE
Jan 8, 2011 7:26:32 AM fr.doume.v2.authenticator.SSPAuthenticator fromAuthorizationToWwwAuthenticate
FINE: count of bytes received from the client: 56
Jan 8, 2011 7:26:32 AM fr.doume.v2.base64.Base64 decodeFrom64
FINE: count of received bytes 56
Jan 8, 2011 7:26:32 AM fr.doume.v2.base64.Base64 decodeFrom64
FINE: count of received bytes after verification 56
Jan 8, 2011 7:26:32 AM fr.doume.v2.base64.Base64 decodeFrom64
FINE: Count of 4-tuples : 14
Jan 8, 2011 7:26:32 AM fr.doume.v2.base64.Base64 decodeFrom64
FINE: length_base255 : (Count of bytes after the translation)40
Jan 8, 2011 7:26:32 AM fr.doume.v2.authenticator.SSPAuthenticator fromAuthorizationToWwwAuthenticate
FINE: Count of decoded bytes received from the client after the translation from Base 64 : 40
Jan 8, 2011 7:26:32 AM fr.doume.v2.authenticator.SSPAuthenticator fromInitSecSecurityToAcceptSecurity
FINE: before sspauth.acceptSecContext
Jan 8, 2011 7:26:32 AM fr.doume.v2.sspi.SSPAuthentication communicateWithNegoServer
FINE: token length :40
Jan 8, 2011 7:26:32 AM fr.doume.v2.sspi.CancelConnectionForNTLM cancel
FINE: A Timer for ConnectionForNTLM has been canceled
Jan 8, 2011 7:26:32 AM fr.doume.v2.sspi.SSPAuthentication communicateWithNegoServer
FINE: Error in communicateWithNegoServer : Socket is closed
Jan 8, 2011 7:26:32 AM fr.doume.v2.sspi.SSPAuthentication acceptSecContext
FINE: Cont of bytes of tokenToClient : 1
Jan 8, 2011 7:26:32 AM fr.doume.v2.sspi.SSPAuthentication acceptSecContext
FINE: Error in AcceptSecContext : Error between tomcat and NegotiateStream!
Jan 8, 2011 7:26:32 AM fr.doume.v2.authenticator.SSPAuthenticator fromInitSecSecurityToAcceptSecurity
FINE: SSPIAuthentication : Error between tomcat and NegotiateStream!
Jan 8, 2011 7:26:32 AM fr.doume.v2.authenticator.SSPAuthenticator fromInitSecSecurityToAcceptSecurity
FINE: array of bytes sent by acceptSecContext (SSPI server) is null
Jan 8, 2011 7:26:32 AM fr.doume.v2.authenticator.SSPAuthenticator fromAuthorizationToWwwAuthenticate
FINE:  The array of bytes sent by SSPI == null
Jan 8, 2011 7:26:32 AM fr.doume.v2.authenticator.SSPAuthenticator authenticate
FINE: authentication is failed
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: ---------------------------------------------------------------
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:           authType=null
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:      contentLength=-1
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:        contentType=text/html;charset=utf-8
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Pragma=No-cache
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Cache-Control=no-cache
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             header=Expires=Thu, 01 Jan 1970 00:00:00 GMT
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:            message=null
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:         remoteUser=null
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO:             status=401
Jan 8, 2011 7:26:32 AM org.apache.catalina.valves.RequestDumperValve invoke
INFO: ===============================================================

Coordinator
Jan 12, 2011 at 6:01 AM

Hello,

In the file trunk-tcp-21112010/example/Howto.txt, you have the paragraph
Exchanges between the client and the web server From the RFC 4559.
Firefox does not send the header Authorization. IE send two times the same data after Authorization.
With NTLM,  the client sends some information, the server sends a nonce and the client sends HASH( HASH(Password) + nonce). 

Verify on your computers (the server and the client) with nslookup that you find the other computer. (DNS?)
If you can also create a new account on AD, verify you can log on the two computers with this account.(Problems with AD?)

After, can you test with the appliccation example authbysspiv2, without SSL?
Delete catalina.log. Log negoserver and the classes fr.doume. Activate  RequestDumperValve in server.xml..
On your workstation, close IE, launch IE and do only the request http://NameOfYouServer:8080/authbysspiv2/index.jsp one time . Send the file catalina.log without modification.
If you prefer, you can send the file to dominiqueph[DOT]guerin[AT]gmail[DOT]...

If it does not work, install Fiddler2 on the client computer. You can find it on http://www.fiddler2.com/fiddler2/ .
You will see all the exchanges between the client and the server. Verify the exchanges (cf the exchanges defined in the RFC 4559).

Dominique