Java fails to read crendential cache which has ben obtained through a client keytab
Wang Weijun
weijun.wang at oracle.com
Thu Jul 31 14:07:34 UTC 2014
Hi Michael
We've recently fixed a bug where the principal name in ccache has no realm:
http://bugs.openjdk.java.net/browse/JDK-8048073
8048073: Cannot read ccache entry with a realm-less service name
Is this the same one? If not, can you send me a copy of your ccache?
Thanks
Max
On Jul 31, 2014, at 19:42, Michael Osipov <1983-01-06 at gmx.net> wrote:
> Hi,
>
> I recently started using the client keytab feature MIT Kerberos introduced some time ago.
> While C based programs work fine with KRB5_CLIENT_KTNAME, Java is unable to read the credential
> cache created by that client keytab initiation code because some addtional marker principals are added.
>
> In order to analyze the issue, I can provide logfiles, etc.
>
> Michael
More information about the security-dev
mailing list