Hi John,
Thank you for your reply.
I have set the same parameters as well; however, the only difference is that our OS is HP-UX. So, according to page 126 of the Secure Login Implementation Guide, I have put the value of spnego/krbspnego_lib=$(DIR_INSTANCE)/SLL/libsapcrypto.sl ... I do not have libsapcrypto.so file in my SLL directory. Apart from this, I also checked the entries in the USRACL table for SNC entries. All user ids have their respective SNC names and there is no duplication.
The problem is that when I test the service, the system shows the SAP screen of the ABAP system (screenshot below). There is no indication of AD credentials.
Image may be NSFW.
Clik here to view.
Further, when I activated the SPNego trace, I got the following entry.
SPNegoValidateToken: Calling sec_kerberos_spnego_ParseToken(...) to parse the received token value
SPNegoLib: ERROR(0xA2600214) in KERBEROS module. Function sec_kerberos_spnego_ParseToken failed: Authentication token is of type
[Kerberos sec_kerberos_spnego_ParseToken]
SPNegoLib: SPNego: Token checked successfully [Kerberos sec_kerberos_spnego_ParseToken]
SPNegoLib: SPNegoToken: TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw== [Kerberos sec_kerberos_spnego_ParseToken]
SPNegoLib: InitialContextToken: NULL [Kerberos sec_kerberos_spnego_ParseToken]
SPNegoValidateToken: Error when parsing received SPNego token via sec_kerberos_spnego_ParseToken (rc=-1570766316)
Received an NTLM token. This is not supported.
SPNegoValidateToken: Finished (rc=-62)
Look forward to your advice.
Kind regards,
Amer.
