The token supplied to the function is invalid

Sep 17, 2011 at 4:33 PM

Hi there,

I have the case that on a computer (inside a domain) serving as the server, the owner does not get logged in automatically when using his computer as client, too. Other clients in the same domain do work.

I have attached the tomcat log as well as the HTTP header trace.

(The same application works on some other laptop (server&client), but this is standalone, not within a domain).

Thanks in advance
Detlev

---

27.07.2011 22:46:30 org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: C:\Programme\Apache Software Foundation\Tomcat 6.0\bin;.;C:\WINDOWS\Sun\Java\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Programme\Intel\WiFi\bin\;C:\Programme\Gemeinsame Dateien\Roxio Shared\DLLShared\;C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\DLLShared\;C:\Programme\QuickTime\QTSystem\;C:\WINDOWS\system32\WindowsPowerShell\v1.0;C:\Programme\OpenVPN\bin
27.07.2011 22:46:30 org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
27.07.2011 22:46:30 org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 455 ms
27.07.2011 22:46:30 org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
27.07.2011 22:46:30 org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/6.0.32
27.07.2011 22:46:30 org.apache.catalina.startup.HostConfig deployDescriptor
INFO: Deploying configuration descriptor manager.xml
27.07.2011 22:46:30 org.apache.catalina.startup.HostConfig deployDescriptor
INFO: Deploying configuration descriptor waffle-filter.xml
27.07.2011 22:46:30 waffle.servlet.spi.SecurityFilterProviderCollection <init>
INFO: loading 'waffle.servlet.spi.NegotiateSecurityFilterProvider'
27.07.2011 22:46:30 waffle.servlet.spi.SecurityFilterProviderCollection <init>
INFO: loading 'waffle.servlet.spi.BasicSecurityFilterProvider'
27.07.2011 22:46:30 waffle.servlet.NegotiateSecurityFilter init
INFO: [waffle.servlet.NegotiateSecurityFilter] started
27.07.2011 22:46:30 org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory BCMSelfAdmin
27.07.2011 22:46:30 waffle.servlet.NegotiateSecurityFilter init
INFO: [waffle.servlet.NegotiateSecurityFilter] started
27.07.2011 22:46:30 org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory ROOT
27.07.2011 22:46:30 org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on http-8080
27.07.2011 22:46:30 org.apache.jk.common.ChannelSocket init
INFO: JK: ajp13 listening on /0.0.0.0:8009
27.07.2011 22:46:30 org.apache.jk.server.JkMain start
INFO: Jk running ID=0 time=0/32  config=null
27.07.2011 22:46:30 org.apache.catalina.startup.Catalina start
INFO: Server startup in 598 ms
27.07.2011 22:46:47 waffle.servlet.NegotiateSecurityFilter doFilter
INFO: GET /BCMSelfAdmin/, contentlength: -1
27.07.2011 22:46:47 waffle.servlet.NegotiateSecurityFilter doFilter
INFO: authorization required
27.07.2011 22:46:47 waffle.servlet.NegotiateSecurityFilter doFilter
INFO: GET /BCMSelfAdmin/, contentlength: -1
27.07.2011 22:46:47 waffle.servlet.spi.NegotiateSecurityFilterProvider doFilter
INFO: security package: Negotiate, connection id: 192.168.178.23:2319
27.07.2011 22:46:47 waffle.servlet.spi.NegotiateSecurityFilterProvider doFilter
INFO: token buffer: 53 byte(s)
27.07.2011 22:46:47 waffle.servlet.spi.NegotiateSecurityFilterProvider doFilter
INFO: continue token: TlRMTVNTUAACAAAACAAIADgAAAAFwomiO9PUPOK0sKjAGhAAAAAAAKYApgBAAAAABQEoCgAAAA9DAE8AUgBQAAIACABDAE8AUgBQAAEAEgBBAEMARwAtAE4AQgAtADEAOQAEACAAYwBvAHIAcAAuAGEAYwBnAC0AZwBtAGIAaAAuAGQAZQADADQAQQBDAEcALQBOAEIALQAxADkALgBjAG8AcgBwAC4AYQBjAGcALQBnAG0AYgBoAC4AZABlAAUAIABjAG8AcgBwAC4AYQBjAGcALQBnAG0AYgBoAC4AZABlAAAAAAA=
27.07.2011 22:46:47 waffle.servlet.spi.NegotiateSecurityFilterProvider doFilter
INFO: continue required: true
27.07.2011 22:46:47 waffle.servlet.NegotiateSecurityFilter doFilter
INFO: GET /BCMSelfAdmin/, contentlength: -1
27.07.2011 22:46:47 waffle.servlet.spi.NegotiateSecurityFilterProvider doFilter
INFO: security package: Negotiate, connection id: 192.168.178.23:2322
27.07.2011 22:46:47 waffle.servlet.spi.NegotiateSecurityFilterProvider doFilter
INFO: token buffer: 72 byte(s)
27.07.2011 22:46:47 waffle.servlet.NegotiateSecurityFilter doFilter
WARNUNG: error logging in user: Das Token, das der Funktion übergeben wurde, ist ungültig.

---

GET /BCMSelfAdmin HTTP/1.0
Accept: image/gif, image/jpeg, image/pjpeg, image/pjpeg, application/x-shockwave-flash, application/xaml+xml, application/vnd.ms-xpsdocument, application/x-ms-xbap, application/x-ms-application, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: de
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; AskTbFXTV5/5.8.0.12304)
Host: acg-nb-19.corp.acg-gmbh.de:8080
Connection: Keep-Alive

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Location: http://acg-nb-19.corp.acg-gmbh.de:8080/BCMSelfAdmin/
Date: Wed, 27 Jul 2011 20:46:46 GMT
Connection: close

GET /BCMSelfAdmin/ HTTP/1.0
Accept: image/gif, image/jpeg, image/pjpeg, image/pjpeg, application/x-shockwave-flash, application/xaml+xml, application/vnd.ms-xpsdocument, application/x-ms-xbap, application/x-ms-application, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: de
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; AskTbFXTV5/5.8.0.12304)
Host: acg-nb-19.corp.acg-gmbh.de:8080
Connection: Keep-Alive

HTTP/1.1 401 Unauthorized
Server: Apache-Coyote/1.1
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm="BasicSecurityFilterProvider"
Connection: keep-alive
Content-Type: text/html;charset=utf-8
Content-Length: 954
Date: Wed, 27 Jul 2011 20:46:46 GMT
Connection: keep-alive

GET /BCMSelfAdmin/ HTTP/1.0
Accept: image/gif, image/jpeg, image/pjpeg, image/pjpeg, application/x-shockwave-flash, application/xaml+xml, application/vnd.ms-xpsdocument, application/x-ms-xbap, application/x-ms-application, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: de
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; AskTbFXTV5/5.8.0.12304)
Host: acg-nb-19.corp.acg-gmbh.de:8080
Connection: Keep-Alive
Authorization: Negotiate TlRMTVNTUAABAAAAB7IIogQABAAxAAAACQAJACgAAAAFASgKAAAAD0FDRy1OQi0xOUNPUlA=

HTTP/1.1 401 Unauthorized
Server: Apache-Coyote/1.1
WWW-Authenticate: Negotiate TlRMTVNTUAACAAAACAAIADgAAAAFwomiO9PUPOK0sKjAGhAAAAAAAKYApgBAAAAABQEoCgAAAA9DAE8AUgBQAAIACABDAE8AUgBQAAEAEgBBAEMARwAtAE4AQgAtADEAOQAEACAAYwBvAHIAcAAuAGEAYwBnAC0AZwBtAGIAaAAuAGQAZQADADQAQQBDAEcALQBOAEIALQAxADkALgBjAG8AcgBwAC4AYQBjAGcALQBnAG0AYgBoAC4AZABlAAUAIABjAG8AcgBwAC4AYQBjAGcALQBnAG0AYgBoAC4AZABlAAAAAAA=
Connection: keep-alive
Date: Wed, 27 Jul 2011 20:46:46 GMT
Connection: close

GET /BCMSelfAdmin/ HTTP/1.0
Accept: image/gif, image/jpeg, image/pjpeg, image/pjpeg, application/x-shockwave-flash, application/xaml+xml, application/vnd.ms-xpsdocument, application/x-ms-xbap, application/x-ms-application, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: de
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; AskTbFXTV5/5.8.0.12304)
Host: acg-nb-19.corp.acg-gmbh.de:8080
Connection: Keep-Alive
Authorization: Negotiate TlRMTVNTUAADAAAAAAAAAEgAAAAAAAAASAAAAAAAAABIAAAAAAAAAEgAAAAAAAAASAAAAAAAAABIAAAABcKIogUBKAoAAAAP

HTTP/1.1 401 Unauthorized
Server: Apache-Coyote/1.1
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm="BasicSecurityFilterProvider"
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 954
Date: Wed, 27 Jul 2011 20:46:46 GMT
Connection: keep-alive

Coordinator
Sep 20, 2011 at 10:07 PM

This just means that the user on that remote computer doesn't have the right to talk to this server. It can be all kinds of stuff, I'd go through Troubleshooting Negotiate steps first.