code review request: 6894072: always refresh keytab
Weijun Wang
weijun.wang at oracle.com
Wed Mar 23 09:00:46 UTC 2011
Hi Valerie
Updated webrev:
http://cr.openjdk.java.net/~weijun/6894072/webrev.02
Changes since last version:
1. A KerberosPrincipal inside javax..KeyTab class. New getInstance()
arguments, new getPrincipal() method.
It can only be non-null now, but I didn't say anything in the spec. I'm
hoping it can be null in the future to support multiple service
principal in a single service.
2. toString(), hashCode(), equals() for KeyTab, since it will be put
inside private credentials set.
3. Enhancement to SubjectComber:
a) Generics for find() and findMany()
b) findAux() now support Krb5AcceptCredential
4. Krb5Util.ServiceCreds: since principal is already inside both KeyTab
and KerberosKey, no more KerberosPrincipal argument in getInstance(),
there is still a field inside to save the value.
5. sun..KeyTab and javax..KeyTab: isMissing==true is now valid. Changes
to the javadoc of javax..KeyTab.getKeys().
6. New TwoPrinces.java test, a subject with 2 KerberosPrincipal after
JAAS commit.
This time I'd like to first make sure implementation is correct, and
then I'll update the CCC. Is this OK?
Thanks
Max
More information about the security-dev
mailing list