After running a Jython script that updates SSO and Kerberos settings in Global secueity, I get the following error:
FFDC Exception:java.security.PrivilegedActionException SourceId:com.ibm.ws.security.web.FormLoginServlet.formLogin ProbeId:422 Reporter:com.ibm.ws.security.web.FormLoginExtensionProcessor@ecfd5211
java.security.PrivilegedActionException: com.ibm.websphere.security.auth.WSLoginFailedException: Login error: com.ibm.security.krb5.KrbException, status code: 37
message: Clock skew too great
at com.ibm.ws.security.util.AccessController.doPrivileged(AccessController.java:122)The reson for this message is that my Linux Server and my Active Directory date/times are out of time synchronisation. I often find that with CentOS 7 on Oracle Virtual Box, even with ntpd enabled that the Linux clock looses time?
The problem in WAS can also happen when you code an invalid Service name, or a malformed LDAP Bind, or LDAP Base DN, but in this case re-setting the clock and restarting the Deployment Manager, allowed me make my Jython updates and automate the setting up of SSO and Kerberos.
