RFR 8227305: Krb5Util::getTicketFromSubjectAndTgs is useless
Weijun Wang
weijun.wang at oracle.com
Fri Jul 5 09:03:28 UTC 2019
Please review this patch for https://bugs.openjdk.java.net/browse/JDK-8227305:
diff --git a/src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5Util.java b/src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5Util.java
--- a/src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5Util.java
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5Util.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -58,82 +58,6 @@
}
/**
- * Retrieve the service ticket for serverPrincipal from caller's Subject
- * or from Subject obtained by logging in, or if not found, via the
- * Ticket Granting Service using the TGT obtained from the Subject.
- *
- * Caller must have permission to:
- * - access and update Subject's private credentials
- * - create LoginContext
- * - read the auth.login.defaultCallbackHandler security property
- *
- * NOTE: This method is used by JSSE Kerberos Cipher Suites
- */
- public static KerberosTicket getTicketFromSubjectAndTgs(GSSCaller caller,
- String clientPrincipal, String serverPrincipal, String tgsPrincipal,
- AccessControlContext acc)
- throws LoginException, KrbException, IOException {
-
.... // skipped
- return ticket;
- }
-
- /**
* Retrieves the ticket corresponding to the client/server principal
* pair from the Subject in the specified AccessControlContext.
* If the ticket can not be found in the Subject, and if
Thanks,
Max
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20190705/bb9bb062/attachment.htm>
More information about the security-dev
mailing list