very simple code review request: 7179796: GSSExceptionImpl outputs duplicate mech oid
Weijun Wang
weijun.wang at oracle.com
Mon Jul 23 14:24:11 UTC 2012
Hi All
Please take a look at
GSSExceptionImpl outputs duplicate mech oid
The mechOid info is duplicated in the output.
Thanks
Max
-------- Original Message --------
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7179796
7179796: GSSExceptionImpl outputs duplicate mech oid
=== *Description*
============================================================
FULL PRODUCT VERSION :
java version "1.6.0_31"
Java(TM) SE Runtime Environment (build 1.6.0_31-b05)
Java HotSpot(TM) Client VM (build 20.6-b01, mixed mode, sharing)
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows XP [Version 5.1.2600]
A DESCRIPTION OF THE PROBLEM :
I have created a SPNEGO security context and except appropriate tokens.
Though the client sent me a Kerberos 5 token which of course will be
rejected. GssContext#acceptSecContext throws an exception with following
message:
> GSSException: No credential found for: 1.2.840.113554.1.2.21.2.840.113554.1.2.2 usage: Accept
The mech is printed TWICE.
It should be:
GSSException: No credential found for: 1.2.840.113554.1.2.2 usage: Accept
This bug can be easily fixed in JDK 6 and 7 by editing:
sun.security.jgss.GSSCredentialImpl
Changing throw new GSSExceptionImpl(GSSException.NO_CRED,
"No credential found for: " +
mechOid + getElementStr(mechOid,
initiate? INITIATE_ONLY :
ACCEPT_ONLY));
to throw new GSSExceptionImpl(GSSException.NO_CRED,
"No credential found for: " +
getElementStr(mechOid,
initiate? INITIATE_ONLY :
ACCEPT_ONLY));
REPRODUCIBILITY :
This bug can be reproduced always.
More information about the security-dev
mailing list