code review request: 6894072: always refresh keytab

Weijun Wang weijun.wang at oracle.com
Sat Apr 2 10:33:35 UTC 2011



On 04/02/2011 05:18 PM, Weijun Wang wrote:
> Updated again:
>
> http://cr.openjdk.java.net/~weijun/6894072/webrev.05/
>
> Changes:
>
> 1. New Krb5Util.KeysFromKeyTab as a special kind of KerebrosKey we will
> add to and remove from private credentials set. Add and remove are only
> done when !subject.isReadOnly(). Only remove keys for this principal.
>
> 2. Use the class above in KeyTab.getKeys().

Should be

2. Use the class above in Krb5LoginModule.commit() and 
ServiceCreds.getKKeys().

Thanks
Max

>
> 3. Remove a uselss method in KDC.java test.
>
> 4. Update new test KeyTabCompat.java, make sure after keytab refresh,
> the old key in priv cred set is removed.
>
> Thanks
> Max



More information about the security-dev mailing list