Skip to content

[CI] SimpleKdcLdapServerTests.testClientServiceMutualAuthentication fails reproducibly #33228

New issue
New issue
Closed
Closed
[CI] SimpleKdcLdapServerTests.testClientServiceMutualAuthentication fails reproducibly#33228
Assignees
bizybot
Labels
:Security/SecuritySecurity issues without another label>test-failureTriaged test failures from CI
@cbuescher

Description

@cbuescher
cbuescher
opened on Aug 29, 2018

Build: https://elasticsearch-ci.elastic.co/job/elastic+elasticsearch+6.4+matrix-java-periodic/ES_BUILD_JAVA=java10,ES_RUNTIME_JAVA=java10,nodes=virtual&&linux/65/console

This reproduces locally for me on 6.4:

./gradlew :x-pack:plugin:security:test \
  -Dtests.seed=A316EEACBDD1FFD2 \
  -Dtests.class=org.elasticsearch.xpack.security.authc.kerberos.SimpleKdcLdapServerTests \
  -Dtests.method="testClientServiceMutualAuthentication" \
  -Dtests.security.manager=true \
  -Dtests.locale=mr-IN \
  -Dtests.timezone=America/Maceio

Error looks like:

ERROR   1.32s | SimpleKdcLdapServerTests.testClientServiceMutualAuthentication <<< FAILURES!
   > Throwable #1: java.security.PrivilegedActionException: java.security.PrivilegedActionException: GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)
   >    at __randomizedtesting.SeedInfo.seed([A316EEACBDD1FFD2:D9E25FBBFDF1E177]:0)
   >    at java.base/java.security.AccessController.doPrivileged(Native Method)
   >    at org.elasticsearch.xpack.security.authc.kerberos.KerberosTestCase.doAsWrapper(KerberosTestCase.java:176)
   >    at org.elasticsearch.xpack.security.authc.kerberos.SpnegoClient.<init>(SpnegoClient.java:82)
   >    at org.elasticsearch.xpack.security.authc.kerberos.SimpleKdcLdapServerTests.testClientServiceMutualAuthentication(SimpleKdcLdapServerTests.java:57)
   >    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   >    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
   >    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   >    at java.base/java.lang.reflect.Method.invoke(Method.java:564)
   >    at java.base/java.lang.Thread.run(Thread.java:844)
   > Caused by: java.security.PrivilegedActionException: GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)
   >    at java.base/java.security.AccessController.doPrivileged(Native Method)
   >    at java.base/javax.security.auth.Subject.doAs(Subject.java:423)
   >    at org.elasticsearch.xpack.security.authc.kerberos.KerberosTestCase.lambda$doAsWrapper$2(KerberosTestCase.java:176)
   >    ... 40 more
   > Caused by: GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)
   >    at java.security.jgss/sun.security.jgss.krb5.Krb5InitCredential.getInstance(Krb5InitCredential.java:147)
   >    at java.security.jgss/sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Krb5MechFactory.java:126)
   >    at java.security.jgss/sun.security.jgss.GSSManagerImpl.getCredentialElement(GSSManagerImpl.java:193)
   >    at java.security.jgss/sun.security.jgss.spnego.SpNegoMechFactory.getCredentialElement(SpNegoMechFactory.java:146)
   >    at java.security.jgss/sun.security.jgss.GSSManagerImpl.getCredentialElement(GSSManagerImpl.java:193)
   >    at java.security.jgss/sun.security.jgss.GSSCredentialImpl.add(GSSCredentialImpl.java:439)
   >    at java.security.jgss/sun.security.jgss.GSSCredentialImpl.<init>(GSSCredentialImpl.java:74)
   >    at java.security.jgss/sun.security.jgss.GSSManagerImpl.createCredential(GSSManagerImpl.java:154)
   >    at org.elasticsearch.xpack.security.authc.kerberos.SpnegoClient.lambda$new$1(SpnegoClient.java:83)
   >    ... 43 more

Metadata

Metadata

Assignees

Labels

:Security/SecuritySecurity issues without another label>test-failureTriaged test failures from CI

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions