sspi_bridge We have implemented this code, here are the changes we had to make
Weijun Wang
weijun.wang at oracle.com
Thu Mar 14 04:42:02 UTC 2019
Hi, owner of 6722928 here, I'm glad my patch is useful for you and many thanks for improving it. As Sean says, please sign the OCA if your improvement is non trivial. Then you can always send the patch file as an attachment and I can convert it to webrev and post it to cr.openjdk.java.net. For other discussions, we can just start in this mail thread.
And can you see if https://cr.openjdk.java.net/~weijun/6722928/webrev.04/ is any more helpful? I've mainly made changes around the SPNEGO (Negotiate) mechanism in the last rounds of changes.
Thanks,
Weijun
> On Mar 14, 2019, at 4:03 AM, Sean Mullan <sean.mullan at oracle.com> wrote:
>
> Hi Bruce,
>
> First, thank you for your interest in JGSS and providing feedback. Unfortunately, we can't review or accept patches or bug fixes in this form from an external site.
>
> I would suggest starting a discussion or summary of each of the issues on this alias (without a proposed patch). We can then file a bug (or bugs) for the issues that we agree on and when it comes time to submit a patch, you will need to first file an OCA (if you have not yet) in order for it to be considered for inclusion into the OpenJDK. See https://openjdk.java.net/contribute/ for more information on the OCA and the process for contributing to OpenJDK in general.
>
> Although this may seem a bit onerous, it is a process that we all abide by.
>
> Thanks,
> Sean
>
>
> On 3/12/19 9:54 AM, Bruce Robb wrote:
>> Hi Folks,
>> In November last year, one of our J42 for Application Access <http://www.j42.com/products/j42aa.shtml> customers suddenly announced that they would start using Credential Guard.
>> Back in 2009 we worked with them to build an SSO solution using SPNEGO and JGSS for their 10,000 Windows users.
>> Credential Guard breaks their existing SSO solution so we urgently needed a way to get JGSS to use SSPI.
>> Your code from http://cr.openjdk.java.net/~weijun/6722928/webrev.02/ provided the answer.
>> We have implemented the solution for both Java 8 and Java 11.
>> We did however find a number of issues during development and testing so we would like to feed these back to you.
>> We have written these up in a pdf: https://portal.j42.com/sso/sspi_bridge_updates.pdf
>> Let us know if you have any questions or need more information.
>> We would be happy to use our Active Directory test environment to test your Open JDK implementation,
>> Regards,
>> Bruce Robb
>> ******************************************************************************
>> J&B Computing Services bv
>> Celebrating over 30 years of innovative software products and solutions for satisfied customers
>> Telephone: +31 343 596 070
>> Fax: +31 343 596 079
>> email support at j42.com <mailto:support at j42.com>
>> Web Sites: http://www.j42.com https://portal.j42.com
>> Toll Free (USA): +1 866 580 0076 Registered in KvK Utrecht: 30196450
>> ******************************************************************************
More information about the security-dev
mailing list