Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8215032 Support Kerberos cross-realm referrals (RFC 6806)
  3. JDK-8225387

Release Note: Support for Kerberos Cross-Realm Referrals (RFC 6806)

XMLWordPrintable

        The Kerberos client has been enhanced with the support of principal name canonicalization and cross-realm referrals, as defined by the RFC 6806 protocol extension.

        As a result of this new feature, the Kerberos client can take advantage of more dynamic environment configurations and does not necessarily need to know (in advance) how to reach the realm of a target principal (user or service).

        Support is enabled by default and 5 is the maximum number of referral hops allowed. To turn it off, set the `sun.security.krb5.disableReferrals` security or system property to false. To configure a custom maximum number of referral hops, set the `sun.security.krb5.maxReferrals` security or system property to any positive value.

        See further information in JDK-8223172.

              mbalao Martin Balao Alonso
              weijun Weijun Wang
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: