Core review request: 8001104: Unbound SASL service: the GSSAPI/krb5 mech
Weijun Wang
weijun.wang at oracle.com
Fri Jan 25 07:08:45 UTC 2013
Hi All
Please review this code change
webrev: http://cr.openjdk.java.net/~weijun/8001104/webrev.01/
bug: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8001104
This is the final part of unbound kerberos server, now on all three
layers of using kerberos you don't need to specify a server name, i.e.
In SASL:
Sasl.createServer("GSSAPI", "protocol", null, ...)
In JGSS:
gssManager.createContext(null) or
gssManager.createCredential(null, ...)
And in JAAS login config file
server {
com.sun.security.auth.module.Krb5LoginModule required
principal=* useKeyTab=true;
};
Thanks
Max
More information about the security-dev
mailing list