This is a known issue. By convention Kerberos principal names are
case-sensitive. However, on Windows, due to issue of case-insensitivity,
mix-in Kerberos principal names are not accepted by the Active Diretory.
Latest Kerberos specifications have defined new preauthention types to
better handle the mix-in Kerberos principal names. Currently
Java GSS/Kerberos does not support these new preauth types, hence the error.
NOTE: However if you use the Kerberos principal name as specified in
the Active Directory account setting, it should all work correctly.
Support for these new preauth types is in the works, and will be
###@###.### 2005-2-18 19:52:31 GMT
I have added support for the new Pre-authentication types, as per the
latest Kerberos specification. This resolves the reported issue when using
Windows KDC, and allows user to use mixed-case Kerberos Principal names.