sftp in apache camel tries kerberos authentication

Question

My camel route picks up files from a sftp endpoint configured with username and password. Before the connection is made, i get a prompt for username and password from Kerberos. I skip this by pressing enter, and authentication proceeds as expected, the files i picked up. Edit: After going through the versioning logs and the program logs i'm not entirely sure this is what happend, and i cannot reproduce it. What i see it that my (one) screen-copy with the Kerberos prompt coincides with the one of several logs showing authentication failure because my username is wrong.

Why do i get the prompt? My endpoint looks like this:

sendEmptyMessageWhenIdle: sendEmptyMessageWhenIdle=true
useHostFile: knownHostsFile=known_hosts&strictHostKeyChecking=yes
workDirectory: /omg/myprogram/${env}/WorkDirectory
fromParams: streamDownload=true&maximumReconnectAttempts=2&throwExceptionOnConnectFailed=true&consumer.bridgeErrorHandler=true&disconnectOnBatchComplete=true
mypassword: password=blablabla
fromUri: sftp://myuser@accept.server.nu:22/TST?${mypassword}
from: ${fromUri}&${sendEmptyMessageWhenIdle}&${routeScheduler}&delete=true&${useHostFile}&localWorkDirectory=${workDirectory}&${fromParams}

Actually when i dont use a hosts file the same thing happens:

useUserKnownHostsFile=false

The camel version is 2.22.2. What can i do to disable Kerberos in Apache camel?

Answer 1

It appears that the Kerberos prompt appears when authentication with the provided user-name and password fails.

That is, i have not been able to reproduce the problem i described above but i have found that the Kerberos prompt appeared when the username was incorrect.

Log:

2019-01-31 12:42:30,767 DEBUG [main] myprogram.StartUpVerneProphet -  -  - Running with Spring Boot v2.0.8.RELEASE, Spring v5.0.12.RELEASE 
2019-01-31 12:42:30,769 INFO  [main] myprogram.StartUpVerneProphet -  -  - No active profile set, falling back to default profiles: default 
2019-01-31 12:42:36,003 WARN  [main] org.apache.camel.component.file.remote.SftpOperations -  -  - JSCH -> Permanently added 'accept.server.nu' (DSA) to the list of known hosts. 
2019-01-31 12:43:01,537 WARN  [main] org.apache.camel.component.file.remote.SftpOperations -  -  - JSCH -> Permanently added 'accept.server.nu' (DSA) to the list of known hosts. 
2019-01-31 12:44:13,940 WARN  [main] org.apache.camel.component.file.remote.SftpOperations -  -  - JSCH -> Permanently added 'accept.server.nu' (DSA) to the list of known hosts. 
2019-01-31 12:44:24,963 WARN  [main] org.apache.camel.component.file.remote.SftpConsumer -  -  - Error auto creating directory: TST due Cannot connect to sftp://faulty-username@accept.server.nu:22. This exception is ignored. org.apache.camel.component.file.GenericFileOperationFailedException: Cannot connect to sftp://faulty-username@accept.server.nu:22
at org.apache.camel.component.file.remote.SftpOperations.connect(SftpOperations.java:144)
at org.apache.camel.component.file.remote.RemoteFileConsumer.connectIfNecessary(RemoteFileConsumer.java:197)

Screen-copy:

12:42:30,761 |-INFO in c.q.l.core.rolling.helper.TimeBasedArchiveRemover - first clean up after appender initialization
12:42:30,763 |-INFO in c.q.l.core.rolling.helper.TimeBasedArchiveRemover - Multiple periods, i.e. 32 periods, seem to have elapsed. This is expected a                                  t application start.
2019-01-31 12:42:30 DEBUG myprogram.StartUp -   -  - Running with Spring Boot v2.0.8.RELEASE, Spr                                  ing v5.0.12.RELEASE
2019-01-31 12:42:30 INFO myprogram.StartUp -   -  - No active profile set, falling back to defau                                  lt profiles: default
2019-01-31 12:42:36 WARN  org.apache.camel.component.file.remote.SftpOperations -   -  - JSCH -> Permanently added 'accept.server.nu' (DSA) to the list of known hosts.
Kerberos username [root]:
Kerberos password for root:
2019-01-31 12:43:01 WARN   org.apache.camel.component.file.remote.SftpOperations -   -  - JSCH -> Permanently added 'accept.server.nu' (DSA) to the list of known hosts.
Kerberos username [root]:
Kerberos password for root:

Unfortunately, i made only one screencopy, so i am unsure if there was any occasion where the Kerberos prompt appeared after i used the correct user-name. It hasn't appeared totday.

Answer 2

Could you please set preferredAuthentications attribute on the SFTP component and see if makes a difference? This is an example preferredAuthentications=publickey,keyboard-interactive,password. Documentation for FTP component here. The docs say if you don't set this, the component will use default list of mechanisms in JSCH.

Edit: I see a similar question here but in JSCH perspective.