-
Bug
-
Resolution: Fixed
-
P4
-
6u31
-
b51
-
x86
-
windows_xp
-
Verified
FULL PRODUCT VERSION :
java version "1.6.0_31"
Java(TM) SE Runtime Environment (build 1.6.0_31-b05)
Java HotSpot(TM) Client VM (build 20.6-b01, mixed mode, sharing)
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows XP [Version 5.1.2600]
A DESCRIPTION OF THE PROBLEM :
I have created a SPNEGO security context and except appropriate tokens. Though the client sent me a Kerberos 5 token which of course will be rejected. GssContext#acceptSecContext throws an exception with following message:
> GSSException: No credential found for: 1.2.840.113554.1.2.21.2.840.113554.1.2.2 usage: Accept
The mech is printed TWICE.
It should be:
GSSException: No credential found for: 1.2.840.113554.1.2.2 usage: Accept
This bug can be easily fixed in JDK 6 and 7 by editing:
sun.security.jgss.GSSCredentialImpl
Changing throw new GSSExceptionImpl(GSSException.NO_CRED,
"No credential found for: " +
mechOid + getElementStr(mechOid,
initiate? INITIATE_ONLY : ACCEPT_ONLY));
to throw new GSSExceptionImpl(GSSException.NO_CRED,
"No credential found for: " +
getElementStr(mechOid,
initiate? INITIATE_ONLY : ACCEPT_ONLY));
REPRODUCIBILITY :
This bug can be reproduced always.
java version "1.6.0_31"
Java(TM) SE Runtime Environment (build 1.6.0_31-b05)
Java HotSpot(TM) Client VM (build 20.6-b01, mixed mode, sharing)
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows XP [Version 5.1.2600]
A DESCRIPTION OF THE PROBLEM :
I have created a SPNEGO security context and except appropriate tokens. Though the client sent me a Kerberos 5 token which of course will be rejected. GssContext#acceptSecContext throws an exception with following message:
> GSSException: No credential found for: 1.2.840.113554.1.2.21.2.840.113554.1.2.2 usage: Accept
The mech is printed TWICE.
It should be:
GSSException: No credential found for: 1.2.840.113554.1.2.2 usage: Accept
This bug can be easily fixed in JDK 6 and 7 by editing:
sun.security.jgss.GSSCredentialImpl
Changing throw new GSSExceptionImpl(GSSException.NO_CRED,
"No credential found for: " +
mechOid + getElementStr(mechOid,
initiate? INITIATE_ONLY : ACCEPT_ONLY));
to throw new GSSExceptionImpl(GSSException.NO_CRED,
"No credential found for: " +
getElementStr(mechOid,
initiate? INITIATE_ONLY : ACCEPT_ONLY));
REPRODUCIBILITY :
This bug can be reproduced always.