Loading...

XML

Word

Printable

Type: Enhancement
Resolution: Fixed
Priority: P3
Fix Version/s: 8
Affects Version/s: 7, 8
Component/s: security-libs
Labels:

Subcomponent:
java.security
Resolved In Build:
b65
CPU:

generic
OS:

generic
Verification:
Verified

Issue	Fix Version	Assignee	Priority	Status	Resolution	Resolved In Build
JDK-8168922	7-pool	Ivan Gerasimov	P3	Closed	Won't Fix

If a service account is trusted for delegation, it can request
service tickets on behalf of an authenticated user to any other
service accounts.

Constrained delegation is a way to restrict the service accounts
for which service tickets can be obtained. This seems a useful
feature to introduce.

See also: Comments section.

backported by

JDK-8168922 introduce constrained Kerberos delegation

Closed

duplicates

JDK-7196902 GSSCredential doesn't return correct val for getRemainingLifetime() & getRemainingInitLifetime(oid)

Closed

relates to

JDK-6966259 should a principalname object always have a realm?

Closed

JDK-8044215 Unable to initiate SpNego using a S4U2Proxy GSSCredential (Krb5ProxyCredential)

Resolved

JDK-8046103 JEP 113: MS-SFU Kerberos 5 Extensions

Closed

Assignee:: Weijun Wang

Reporter:: Carlos Lucasius (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2005-11-25 20:35

Updated:: 2017-05-16 16:00

Resolved:: 2012-11-06 22:18

Imported:: 18/Sep/12 12:28 AM

Indexed:: 11/Sep/12 2:56 AM

Details

Backports

Description

Attachments

Issue Links

Activity

People

Dates