RFR 8005819: Support cross-realm MSSFU

Sean Mullan sean.mullan at oracle.com
Thu Oct 24 17:56:43 UTC 2019


Hi Martin,

Can you update the Description of this Enhancement with more specific 
details of what the Enhancement is and what problems it will address? 
The current issue contains an exception stack trace from a test and no 
further details. This is important for Reviewers as well as being able 
to understand later on what the Enhancement was about.

Thanks,
Sean

On 10/22/19 12:36 PM, Martin Balao wrote:
> Hi,
> 
> I'd like to propose Webrev.01 for 8005819 [1]:
> 
>   * http://cr.openjdk.java.net/~mbalao/webrevs/8005819/8005819.webrev.01/
> 
> New changes:
> 
>   * Avoid re-checking S4U2Proxy and S4U2Self status in each referral
> request (do this only once in "CredentialsUtils::serviceCreds")
> 
>   * Other minor improvements (code readability introducing S4U2Type, do
> not propagate client alias for impersonation TGSs, debugging output)
> 
> Testing: no regressions found in jdk/sun/security/krb5.
> 
> Thanks,
> Martin.-
> 
> --
> [1] - https://bugs.openjdk.java.net/browse/JDK-8005819
> 


More information about the security-dev mailing list