RFR: 8279842: HTTPS Channel Binding support for Java GSS/Kerberos [v8]
Michael Osipov
duke at openjdk.java.net
Tue Jan 25 13:03:33 UTC 2022
On Tue, 25 Jan 2022 12:47:26 GMT, Michael McMahon <michaelm at openjdk.org> wrote:
>> src/java.base/share/classes/sun/net/www/http/HttpClient.java line 150:
>>
>>> 148: * "domain:a,c.d,*.e.f" (sent to host a, or c.d or to the domain e.f and any of its subdomains). This is
>>> 149: * a comma separated list of arbitrary length with no white-space allowed.
>>> 150: * If enabled (for a particular destination) then SPNEGO authentication requests will include
>>
>> Previously `Negotiate` was used, now `SPNEGO`?
>
> "Negotiate" is the name of the HTTP authentication scheme which uses the SPNEGO mechanism. Possibly makes more sense to refer to Negotiate here.
Yes, I know. That's the point. Clearly differentiate between GSS-API mech and HTTP auth scheme.
-------------
PR: https://git.openjdk.java.net/jdk/pull/7065
More information about the core-libs-dev
mailing list