Hi Experts,
While implementing kerberos sso in webmethods facing this error "Defective token detected.( INFO | jvm 1 | 2025/07/02 08:29:01 | Caused by: GSSException: Defective token detected (Mechanism level: GSSHeader did not find the right tag))"
To resolve this error microsoft team , windows network admin team and GS support team ticket has also been raised but no luck to resolve this error.
Summary of steps microsoft team verified
" created the keytab file using the below command,
"ktpass -princ HTTP/ndcvn796.d90.intra@D90.INTRA ^
-mapuser svc_SNE_svc_esb_krb@D90.INTRA ^
-pass **** ^
-out C:\temp\webmethods.keytab ^
-ptype KRB5_NT_PRINCIPAL ^
-crypto AES256-SHA1"
We provided the keytab file location in the configuration file and it has required permissions.
But still, we see issues in accessing the URL (http://your-server-domain.com).
In the log we see error as Defective token detected.( INFO | jvm 1 | 2025/07/02 08:29:01 | Caused by: GSSException: Defective token detected (Mechanism level: GSSHeader did not find the right tag))
We also checked for the Supported encryption types for the DC, Member server and service account which all has the same value.
In the Network trace we do not see the Kerberos traffic for the account "
Ldap is also configured, central user is configured. did not find option to attach server log here, can share over email. Please share inputs to resolve this GSSexception.
------------------------------
Istkhar Ahmed
------------------------------