Kerberos Authentication keytab KVNO


I have a network environment where Kerberos authentication is set up according to the corporate standard (i.e. a password can live only 30 days for a user). I've installed my Java web application on this system, which uses a keytab file generated by the KDC. All works fine until a client user changes his network password after 30+ days. Googling, I found it's due to the KVNO being out of synchronization. So, as I understand it, the problem is that the KVNO sent by the client browser is out of sync with the keytab's KVNO. I have little knowledge of these network negotiation steps (I use Spring Security), so I'm waiting for your expertise to resolve this. Thanks in advance.

java.security.PrivilegedActionException: GSSException: Failure unspecified at GSS-API level (Mechanism level: Specified version of key is not available (44))  

There are 2 best solutions below

0
On BEST ANSWER

After a bit of research I found there is a problem related to this with Java 1.6 update 23 to 26. Updating to the latest Java resolved the problem for me. Thanks for your input.

1
On

Every time the password of an account is changed, its KVNO is increased. This makes all keytabs for that account invalid. As I understand your question, that is what happened to the service principal you created the keytab for, correct? In that case you need to re-create the keytab.