RFR 8058290: JAAS Krb5LoginModule has suspect ticket-renewal logic, relies on clockskew grace
Sean Mullan
sean.mullan at oracle.com
Thu Jul 2 14:05:21 UTC 2015
This looks fine. The isOld method should probably be static. Also, can
you document this renewal behavior in the class summary in the
"renewTGT" section?
--Sean
On 06/25/2015 04:21 AM, Weijun Wang wrote:
> Please review the code change at
>
> http://cr.openjdk.java.net/~weijun/8058290/webrev.00/
>
> After this fix, a "renewTGT=true" in JAAS config for Krb5LoginModule
> means "renew if old enough", as suggested by the bug reporter [1].
>
> Thanks
> Max
>
> [1] https://bugs.openjdk.java.net/browse/JDK-8058290
More information about the security-dev
mailing list