Unable to Extract KerberosEncData from compressed kerberos token (CA API Gateway)
book
Article ID: 186956
calendar_today
Updated On:
Products
CA API GatewayAPI SECURITYCA API Gateway Precision API Monitoring Module for API Gateway (Layer 7)CA API Gateway Enterprise Service Manager (Layer 7)STARTER PACK-7CA Microgateway
Issue/Introduction
When use "Require Windows Integrated Authentication Credentials" Assertion along with the Authorization Context Variables "kerberos.data.authorizations.0.pac.logoninfo.user.name" to extract the user name from the kerberos ticket, it's empty.
After enable kerberos debug, it shows,
STDOUT: >>> KrbApReq: authenticate succeed.
No other error in ssg log.
After change the log level to FINE, it shows following error,
"Unable to extract kerberos authorization data from the kerberos ticket: Malformed PAC logon info."