To view catalina.out of Identity Server, perform the following steps:
Click Auditing > General Logging.
In Identity Servers section, select the catalina.out file.
Download the file and open it in a text editor.
Search for Kerberos and verify that a subsequent line contains a Commit Succeeded phrase. For the configuration example, the lines look similar to the following:
principal's key obtained from the keytab principal is HTTP/amser.nam.example.com@AD.EXAMPLE.COM Added server's keyKerberos Principal HTTP/amser.nam.example.com@AD.EXAMPLE.COMKey Version 3key EncryptionKey: keyType=3 keyBytes (hex dump)=0000: CB 0E 91 FB 7A 4C 64 FE [Krb5LoginModule] added Krb5Principal HTTP/amser.nam.example.com@AD.EXAMPLE.COM to Subject Commit Succeeded
If the file does not contain any lines similar to these, verify that you have enabled logging. See Enabling Logging for Kerberos Transactions.
If the commit did not succeed, search backward in the file and verify the following values:
Service Principal Name
Name of keytab file
For the example configuration, the file must contain lines with text similar to the following:
Principal is HTTP/amser.nam.example.com KeyTab is /usr/lib/java/jre/lib/security/nidpkey.keytab