When you work with Kerberos and problems occur on the Content Platform Engine server, there are some steps you can take.
If the Kerberos problem does not seem to be on the client, turn on Kerberos Service debugging. For information, see Checking Kerberos for common errors.
What follows are a few of the more common Kerberos problems. Some error messages will have a number, for example (9), that represents a standard Kerberos error code. This number can appear in either the message itself or, as is the case with WebSphere, as the minor error code for the error.
There can be many other Content Platform Engine server Kerberos problems. If Kerberos Service debugging is not enough to isolate the problem, try turning on additional system debugging, which will give even more information.
Content Platform Engine WebLogic and JBoss servers can specify the sun.security.krb5.debug property, usually on the Java command line with -Dsun.security.krb5.debug=true. This produces a lot of trace output on the JVM's console.
-Dcom.ibm.security.jgss.debug=all
-Dcom.ibm.security.krb5.Krb5Debug=all
which also provide
extra messages in WebSphere's log.