Symptom
- Logging into the Secure Login Client SPNEGO profile results in the error:
"Supplied credentials not accepted by the server." - If the traces show the below errors, go to Resolution point 1.
Secure Login Client traces:
"Got kerberos ticket for 'HTTP/<SPN>' with server key type 18 and session key type 18""
"Cli-00000003: Cannot perform client authentication: Have no certificate fitting to CA names received from server"
AS Java traces:
"Could not validate SPNEGO token. Reason: Checksum error.
No logon policy was applied" - If the AS Java traces show the below error, go to Resolution point 2.
"
Could not validate SPNEGO token.
[EXCEPTION]
java.lang.Exception: Clock skew too great. Client time: <>
"
Read more...
Environment
- SAP Single Sign-On 2.0
- SAP Single Sign-On 3.0
Product
SAP Single Sign-On 2.0 ; SAP Single Sign-On 3.0
Keywords
SLC, SecureLoginDefaultPolicyConfigurationSPNEGO, SPNegoLoginModule, Secure Login Server, SLS, default, developer, AD, Active Directory, service user, account, clock, application server, failed , KBA , BC-IAM-SSO-SL , Secure Login , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.