RFR 8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
Weijun Wang
weijun.wang at oracle.com
Thu Sep 7 00:07:07 UTC 2017
Please take a review at
http://cr.openjdk.java.net/~weijun/8186884/webrev.00/
BasicProc.java is enhanced to use a native JGSS provider, and KDC.java is enhanced to start (not use) a native KDC. For example, you would be able to test interop among Java JGSS, native JGSS (with MIT krb5) and Heimdal KDC with
jtreg -Dnative.krb5.lib=/usr/local/krb5/lib/libgssapi_krb5.so \
-Dnative.kdc.path=/usr/local/heimdal \
test/sun/security/krb5/auto/BasicProc.java
Without those 2 new system properties, it behaves like before, i.e. Java GSS on the embedded KDC.
Another change in Context.java. Instead of using shared states to provide username and password when doing a krb5 login, a callback handler is used. This is considered more common. An extra permission is needed to read the default username (though I think this can coded as optional).
Thanks
Max
More information about the security-dev
mailing list