JDK-6722928 Support SSPI as a native JGSS-API provider - Current Status
Weijun Wang
weijun.wang at oracle.com
Tue Jun 12 06:14:16 UTC 2018
> On Jun 12, 2018, at 6:14 AM, Cole Ferrier <cole at coleferrier.com> wrote:
>
> Thanks for your time reading this. (Sorry for the dupe post if it comes through, joined the list and resent)
>
> I am trying to setup a java client that runs in windows and needs to present a ticket to get access to a service.
>
> No delegation is required.
>
> We are running Java 8/Windows 10 and running into needing to change both the registry setting to enable access to the SessionKey and some group policies around UAC.
> This is not ideal from a security perspective.
>
> I was hoping that the Java community was making progress on this front especially since it sounds like from some other articles, Credential Guard further locks this down.
>
> I found:
>
> https://www.mail-archive.com/security-dev@openjdk.java.net/msg05291.html
> https://www.mail-archive.com/security-dev@openjdk.java.net/msg15532.html
>
> and:
>
> http://cr.openjdk.java.net/~weijun/6722928/
This is a prototype. It's not complete and not product-quality ready.
>
> What is the current status of this? Should it compile and run in Java 8? or does it depend on the recently committed:
>
> https://bugs.openjdk.java.net/browse/JDK-8200468
Yes.
That said, there is no reason why JDK-8200468 cannot be backpored to JDK 8.
--Weijun
>
> Cole Ferrier
>
More information about the security-dev
mailing list