Kerberos Credential Retrieval from Cache not Working in Cross-Realm Setup
Anika Westburg
Anika.Westburg at raytion.com
Tue Jun 29 12:17:39 UTC 2021
Dear Developers,
we have the problem with Kerberos and AdoptOpenJDK in a cross-realm setup that the first request succeeds, but subsequent requests fail. The reason is that the ticket from the referrals cache does not work for proxy requests. We opened this ticket:
https://github.com/adoptium/adoptium-support/issues/318
We also attached a patch to the ticket that solves the problem for us. If someone could check it out so the patch could make it into the next update release, that would make us and our customer very happy.
If there is anything we can do further to ease your life, please let us know. We are not fully used to your workflows but would want to make sure we are playing according to the rules.
In case you would agree that this is a bug and will be fixed, is there any estimate on likelihood of getting into one of the subsequent releases and when? This would be super helpful to hear, any hint or pointer is highly appreciated.
Kind regards
Anika Westburg
Anika Westburg
Raytion GmbH | Benrather Straße 18 – 20 | 40213 Düsseldorf | Germany
T +49 211 55 02 66 0
anika.westburg at raytion.com | www.raytion.com<http://www.raytion.com/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20210629/801a7858/attachment.htm>
More information about the security-dev
mailing list