On 8058290: JAAS Krb5LoginModule has suspect ticket-renewal logic, relies on clockskew grace
Weijun Wang
weijun.wang at oracle.com
Thu May 14 05:30:04 UTC 2015
Hi All
This is about the bug
https://bugs.openjdk.java.net/browse/JDK-8058290
I'm now thinking that with renewTGT=true we should always renew the
ticket no matter if it's new or old. This means the TGT will be always
the latest inside the subject.
How is your opinion? The source fix will be easy but I'd like to get
some feedback before writing regression tests for it.
Thanks
Max
More information about the security-dev
mailing list