[security-dev 00037]: Re: [Fwd: Re: JAVASEC - Problem running JAAS client from tutorial]

Sean Mullan Sean.Mullan at Sun.COM
Mon Jan 7 13:42:14 PST 2008


Weijun Max Wang wrote:
> Hi All
> 
> I've tried to disable realm name case check in JDK (equals ->
> equalsIgnoreCase), and it works. In fact, I do several experiments to
> change the case of principal names, realm names, service names and
> hostnames, and MSAD just doesn't care. This is another case of
> Microsoft's long term habit of ignoring cases (BASIC language, file
> names, user names...).

This might work when interoperating with a Microsoft KDC, but what about 
with other KDC implementations where realms are case-sensitive? (i.e. 
"FOO" != "foo")

--Sean



More information about the security-dev mailing list