RFR 8005819: Support cross-realm MSSFU
Weijun Wang
weijun.wang at oracle.com
Fri Aug 16 00:29:39 UTC 2019
> On Aug 16, 2019, at 6:31 AM, Martin Balao <mbalao at redhat.com> wrote:
>
> Hi,
>
> I'd like to propose Webrev.00 for JDK-8005819 [1]:
>
> * http://cr.openjdk.java.net/~mbalao/webrevs/8005819/8005819.webrev.00/
>
> Implementation is based in the MS-SFU document [2].
>
> Testing
>
> * ReferralsTest extended to support S4U2Self and S4U2Proxy referrals
>
> * No regressions found in jdk/sun/security/krb5 category
>
> * Tested against a real Active Directory 2016 setup, with 2 referral hops
> * Note: I can provide a PCAP capture and my internal test code if
> there is interest
It will be nice if you can describe the test environment setup in detail so we can setup a similar one.
Thanks,
Max
>
> Thanks,
> Martin.-
>
> --
> [1] - https://bugs.openjdk.java.net/browse/JDK-8005819
> [2] -
> https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-sfu/3bff5864-8135-400e-bdd9-33b552051d94
More information about the security-dev
mailing list