-
Enhancement
-
Resolution: Fixed
-
P3
-
7, 8
-
b65
-
generic
-
generic
-
Verified
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8168922 | 7-pool | Ivan Gerasimov | P3 | Closed | Won't Fix |
If a service account is trusted for delegation, it can request
service tickets on behalf of an authenticated user to any other
service accounts.
Constrained delegation is a way to restrict the service accounts
for which service tickets can be obtained. This seems a useful
feature to introduce.
See also: Comments section.
service tickets on behalf of an authenticated user to any other
service accounts.
Constrained delegation is a way to restrict the service accounts
for which service tickets can be obtained. This seems a useful
feature to introduce.
See also: Comments section.
- backported by
-
JDK-8168922 introduce constrained Kerberos delegation
-
- Closed
-
- duplicates
-
JDK-7196902 GSSCredential doesn't return correct val for getRemainingLifetime() & getRemainingInitLifetime(oid)
-
- Closed
-
- relates to
-
JDK-6966259 should a principalname object always have a realm?
-
- Closed
-
-
JDK-8044215 Unable to initiate SpNego using a S4U2Proxy GSSCredential (Krb5ProxyCredential)
-
- Resolved
-
-
JDK-8046103 JEP 113: MS-SFU Kerberos 5 Extensions
-
- Closed
-