BOBJ4 Windows AD SSO authentication issue

Dear Experts,

I am configuring “Configuring Active Directory Manual Authentication and SSO for BI4”

Under windows 2008 R2 SP1 server  BI version 4 sp6 Tomcat version is .

I am able to login SSO through client tool also manual connect to Windows AD authentication ,But  when run http://BIserver/BOE/BI then popup appear

for credentials ( I am login as domain user which i member of domain group and group and users also import into BOBJ 4).

also check the entries

when I provide user and password in popup windows then error HTTP  500-

stdout.log 

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos:

GSS: Initiator supports: KRB5

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos:

GSS: Initiator TGS key type:

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: 23

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos:

Found acceptor realm: null

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: GSS: Initiator getting service ticket for: BICMS/biservice.dc.local

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: ** requesting service ticket .. **

  with credentials:

Credential

client: biservice@DC.LOCAL

session key: [23,  14 a3 56 fe 4c 41 40 2d d9 90 88 e9 33 72 3e f6 ]

service principal: krbtgt/DC.LOCAL@DC.LOCAL

valid from: Fri Aug 23 15:09:58 PKT 2013

valid till: Sat Aug 24 01:09:58 PKT 2013

renewable till: Fri Aug 30 15:09:58 PKT 2013

Ticket:

  encryption type: 23

  key version num: 2

  service principal: krbtgt/DC.LOCAL@DC.LOCAL

ticket flags: forwardable renewable initial preauthent

valid for:

  /192.168.200.23

  and KDC options: forwardable

  for service principal (nt=1): BICMS/biservice.dc.local

  at realm: DC.LOCAL

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: Resolving KDC for realm: DC.LOCAL

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: Available KDC found: /192.168.200.20:88

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: Sending message to KDC: /192.168.200.20:88

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: Sending TCP request: /192.168.200.20:88

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos:     connected;  sending length and request...

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos:     sent request;  reading response length...

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos:     read length;  reading 1292-byte response...

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: --- got 1292-byte response, initial byte = 0x6d

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: Message sent sucessfully to KDC: /192.168.200.20:88

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: ** credentials obtained .. **

Credential

client: biservice@DC.LOCAL

session key: [23,  82 88 2d 3b 8b 24 ff 1d f3 ce 4d 88 53 16 53 2e ]

service principal: BICMS/biservice.dc.local@DC.LOCAL

valid from: Fri Aug 23 15:11:23 PKT 2013

valid till: Sat Aug 24 01:09:58 PKT 2013

Ticket:

  encryption type: 23

  key version num: 3

  service principal: BICMS/biservice.dc.local@DC.LOCAL

ticket flags: forwardable preauthent

valid for: all addresses

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: Service ticket obtained:

Credential

client: biservice@DC.LOCAL

session key: [23,  82 88 2d 3b 8b 24 ff 1d f3 ce 4d 88 53 16 53 2e ]

service principal: BICMS/biservice.dc.local@DC.LOCAL

valid from: Fri Aug 23 15:11:23 PKT 2013

valid till: Sat Aug 24 01:09:58 PKT 2013

Ticket:

  encryption type: 23

  key version num: 3

  service principal: BICMS/biservice.dc.local@DC.LOCAL

ticket flags: forwardable preauthent

valid for: all addresses

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: Setting context expiry to [1377288598000]

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: Current wall time is [1377252683280]

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: Not forwarding a TGT for delegation because...

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: OK-AS-DELEGATE not in svc tkt

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: ** creating application request .. **

  with credentials

Credential

client: biservice@DC.LOCAL

session key: [23,  82 88 2d 3b 8b 24 ff 1d f3 ce 4d 88 53 16 53 2e ]

service principal: BICMS/biservice.dc.local@DC.LOCAL

valid from: Fri Aug 23 15:11:23 PKT 2013

valid till: Sat Aug 24 01:09:58 PKT 2013

Ticket:

  encryption type: 23

  key version num: 3

  service principal: BICMS/biservice.dc.local@DC.LOCAL

ticket flags: forwardable preauthent

valid for: all addresses

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: ** application request .. **

++++ KRB-AP-REQ Message ++++

encryption type: 23

ap options:

Ticket:

  encryption type: 23

  key version num: 3

  service principal: BICMS/biservice.dc.local@DC.LOCAL

client: biservice@DC.LOCAL

subkey: null

client time: Fri Aug 23 15:11:23 PKT 2013

cusec: 0

sequence number: 36207099

++++++++++++++++++++++++++++

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: GSS: Acceptor supports: KRB5

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: Ticket service name is: BICMS/biservice.dc.local@DC.LOCAL

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: GSS name is: biservice@DC.LOCAL

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: Using keytab entry for: biservice@DC.LOCAL

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: ** decrypting ticket .. **

  with key

  Principal: biservice@DC.LOCAL

  Type: 1

  TimeStamp: Fri Aug 23 15:11:21 PKT 2013

  KVNO: -1

  Key: [23,  64 f1 2c dd aa 88 5 7e 6 a8 1b 54 e7 3b 94 9b ]

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos:   decrypted ticket:

Ticket:

  encryption type: 23 (DECRYPTED OK)

  key version num: 3

  service principal: BICMS/biservice.dc.local@DC.LOCAL

  TransitedEncoding:

  client: biservice@DC.LOCAL

  session key: [23,  82 88 2d 3b 8b 24 ff 1d f3 ce 4d 88 53 16 53 2e ]

  ticket flags: forwardable preauthent

  valid from: Fri Aug 23 15:11:23 PKT 2013

  valid till: Sat Aug 24 01:09:58 PKT 2013

  renew till: not renewable

  valid for:

    all addresses

  auth data:

    [1,  30 82 2 c2 30 82 2 be a0 4 2 2 0 80 a1 82 2 b4 4 82 2 b0 5 0 0 0 0 0 0 0 1 0 0 0 c0 1 0 0 58 0 0 0 0 0 0 0 a 0 0 0 1c 0 0 0 18 2 0 0 0 0 0 0 c 0 0 0 48 0 0 0 38 2 0 0 0 0 0 0 6 0 0 0 14 0 0 0 80 2 0 0 0 0 0 0 7 0 0 0 14 0 0 0 98 2 0 0 0 0 0 0 1 10 8 0 cc cc cc cc b0 1 0 0 0 0 0 0 0 0 2 0 fb 53 c8 b7 e8 9f ce 1 ff ff ff ff ff ff ff 7f ff ff ff ff ff ff ff 7f d7 27 2c e6 5d 9f ce 1 d7 e7 95 10 27 a0 ce 1 ff ff ff ff ff ff ff 7f 12 0 12 0 4 0 2 0 14 0 14 0 8 0 2 0 0 0 0 0 c 0 2 0 0 0 0 0 10 0 2 0 0 0 0 0 14 0 2 0 0 0 0 0 18 0 2 0 5 1 0 0 55 4 0 0 1 2 0 0 2 0 0 0 1c 0 2 0 20 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 12 0 14 0 20 0 2 0 4 0 6 0 24 0 2 0 28 0 2 0 0 0 0 0 0 0 0 0 10 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 9 0 0 0 0 0 0 0 9 0 0 0 62 0 69 0 73 0 65 0 72 0 76 0 69 0 63 0 65 0 0 0 a 0 0 0 0 0 0 0 a 0 0 0 42 0 49 0 20 0 53 0 65 0 72 0 76 0 69 0 63 0 65 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 1 2 0 0 7 0 0 0 53 4 0 0 7 0 0 0 a 0 0 0 0 0 0 0 9 0 0 0 57 0 49 0 4e 0 44 0 4f 0 4d 0 41 0 49 0 4e 0 0 0 3 0 0 0 0 0 0 0 2 0 0 0 44 0 43 0 4 0 0 0 1 4 0 0 0 0 0 5 15 0 0 0 c6 76 16 17 3c aa 20 e3 74 f9 fc 64 0 0 0 0 0 1f f1 eb e8 9f ce 1 12 0 62 0 69 0 73 0 65 0 72 0 76 0 69 0 63 0 65 0 0 0 0 0 24 0 10 0 10 0 38 0 0 0 0 0 0 0 0 0 62 0 69 0 73 0 65 0 72 0 76 0 69 0 63 0 65 0 40 0 44 0 43 0 2e 0 6c 0 6f 0 63 0 61 0 6c 0 0 0 0 0 44 0 43 0 2e 0 4c 0 4f 0 43 0 41 0 4c 0 76 ff ff ff 5f b2 e3 c9 f7 90 93 da aa 43 22 7c 55 33 63 b0 0 0 0 0 76 ff ff ff 5c bb db b0 17 db f3 47 69 e3 e3 3f 68 9c 30 14 0 0 0 0 ]

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: Checking ticket is valid at: Fri Aug 23 15:11:23 PKT 2013 with acceptable clock skew: 300000

Ticket valid from: Fri Aug 23 15:11:23 PKT 2013 till: Sat Aug 24 01:09:58 PKT 2013

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: Setting context expiry to [1377288598000]

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: Current wall time is [1377252683283]

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos: ** decrypting application request .. **

with key

[23,  82 88 2d 3b 8b 24 ff 1d f3 ce 4d 88 53 16 53 2e ]

[DEBUG] Fri Aug 23 15:11:23 PKT 2013 jcsi.kerberos:   decrypted application request:

++++ KRB-AP-REQ Message ++++

encryption type: 23 (DECRYPTED OK)

ap options:

Ticket:

  encryption type: 23

  key version num: 3

  service principal: BICMS/biservice.dc.local@DC.LOCAL

client: biservice@DC.LOCAL

subkey: null

client time: Fri Aug 23 15:11:23 PKT 2013

cusec: 280000

sequence number: 36207099

++++++++++++++++++++++++++++

log4j:WARN No appenders could be found for logger (com.sun.faces.config.ConfigureListener).

log4j:WARN Please initialize the log4j system properly.

com.businessobjects.webpath.rebean3ws.Activator

log4j:WARN No appenders could be found for logger (org.apache.axis2.deployment.WarBasedAxisConfigurator).

log4j:WARN Please initialize the log4j system properly.

Regards