Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-7195171

renewTGT in Krb5LoginModule config file has no effect

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: P4 P4
    • None
    • 6u31
    • security-libs

      FULL PRODUCT VERSION :
      java version "1.6.0_20"
      Java(TM) SE Runtime Environment (build 1.6.0_20-b02)
      Java HotSpot(TM) Client VM (build 16.3-b01, mixed mode, sharing)

      ADDITIONAL OS VERSION INFORMATION :
      Microsoft Windows XP [Version 5.1.2600]

      A DESCRIPTION OF THE PROBLEM :
      We are using Krb5LoginModule in one of the POC.
      I have provided useDefaultCache=true and renewTGT=true.

      The code throws an exception when the ticket is expired although I have mentioned renewTGT=true. I have set up allowtgtsessionkey value to 1 in registry. The KDC (ActiveDirectory) settings are default. Ticket lifetime = 10 hours and renewal request threshold = 7 days.

      Can you please help me in figuring out what could be wrong?




      REPRODUCIBILITY :
      This bug can be reproduced always.

      ---------- BEGIN SOURCE ----------
      import java.util.HashMap;
      import java.util.Map;
      import javax.security.auth.Subject;
      import com.sun.security.auth.module.Krb5LoginModule;

      public class Temp3 {
          public static void main(String[] args) throws Exception {
              System.setProperty("sun.security.krb5.debug", "true");

              Subject subject = new Subject();
              
              Krb5LoginModule krb5 = new Krb5LoginModule();
              
              Map <String, String> map = new HashMap <String, String>();
              map.put("useTicketCache", "true");
              map.put("doNotPrompt", "true");
              map.put("renewTGT", "true");
              map.put("debug", "true");
              //map.put("useFirstPass", "true");
              
              krb5.initialize(subject, null, null, map);
              krb5.login();
              krb5.commit();
              System.out.println(subject);
          }
      }

      ---------- END SOURCE ----------

            weijun Weijun Wang
            webbuggrp Webbug Group
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: