“Defective token detected” error (NTLM not Kerberos) with Kerberos/Spring Security/IE/Active Directory

Question

We are having trouble getting Spring Security/Kerberos/AD to work for our web app. Our diagnosis is that our AD server sending an NTLM token (we can tell as it starts with \

Answer 1

I also encountered this problem. For those unlucky people who will have this problem in the future, another cause for this problem is accessing the server by ip instead of it's A record (hostname)