[security-dev 00665]: Re: Review request: Infinite loop if SPNEGO specified as sun.security.jgss.mechanism
Xuelei Fan
Xuelei.Fan at Sun.COM
Thu Mar 5 08:41:34 UTC 2009
"sun.security.jgss.mechanism", it is a undocumented property, right? I
think it is hard to explain why SPNEGO is request, but KRB5 given, it
is not the expected behavior. Why not thrown a GSSException?
Andrew
Weijun Wang wrote:
> Hi Andrew or Valerie
>
> Please take a review at this bug fix:
>
> http://cr.openjdk.java.net/~weijun/6770883/webrev.01/
> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6770883
>
> Basically. Since SPNEGO is a pseudo-mech that's meant to negotiate a
> real concrete mech, SPNEGO itself cannot be used as the underlying
> default mech under.
>
> Thanks
> Max
>
More information about the security-dev
mailing list