Kerberos - Cannot find key of appropriate type to decrypt AP REP - RC4 with HMAC

Question

I\'m trying to setup SSO for Java WebApp using Kerberos/SpNego. I\'m using:

• Java 1.7u67
• org.springframework.security.kerberos 1.0.0.RELEASE

Answer 1

This can also be thrown if your using Active Directory as the KDC and the keytab user is configured for a different encryption setting than your keytab is using. In my case AES 128 was configured and I was expecting AES 256. A simple change of the configuration within AD resolved the issue.