-
Bug
-
Resolution: Fixed
-
P3
-
14
-
b27
Noticed that KerberosPrincipal instantiation with OpenJDK could violate the specification:
https://docs.oracle.com/en/java/javase/13/docs/api/java.security.jgss/javax/security/auth/kerberos/KerberosPrincipal.html#%3Cinit%3E(java.lang.String)
>"The default realm can be specified either in a Kerberos configuration file or via the java.security.krb5.realm system property"
>"IllegalArgumentException - if name is improperly formatted, if name is null, or if name does not contain the realm to use and the default realm is not specified in either a Kerberos configuration file or via the java.security.krb5.realm system property"
If there was a "KeyTab.getInstance().exists()" call before the instantiation attempt IAE is thrown no matter that the property was set as the specification requires.
Consider the following example:
=========================
KeyTab.getInstance().exists();
System.out.println("Initially java.security.krb5.kdc = " + System.getProperty("java.security.krb5.kdc"));
System.setProperty("java.security.krb5.kdc", "example.com");
System.out.println("After setting java.security.krb5.kdc = " + System.getProperty("java.security.krb5.kdc"));
System.out.println("Initially java.security.krb5.realm = " + System.getProperty("java.security.krb5.realm"));
System.setProperty("java.security.krb5.realm", "Hello");
System.out.println("After setting java.security.krb5.realm = " + System.getProperty("java.security.krb5.realm"));
new KerberosPrincipal("Hi");
=========================
The output is:
Initially java.security.krb5.kdc = null
After setting java.security.krb5.kdc = example.com
Initially java.security.krb5.realm = null
After setting java.security.krb5.realm = Hello
Exception in thread "main" java.lang.IllegalArgumentException: KrbException: Cannot locate default realm
at java.security.jgss/javax.security.auth.kerberos.KerberosPrincipal.<init>(KerberosPrincipal.java:179)
at java.security.jgss/javax.security.auth.kerberos.KerberosPrincipal.<init>(KerberosPrincipal.java:130)
It's clearly seen that the properties are defined correctly however IllegalArgumentException is still thrown
https://docs.oracle.com/en/java/javase/13/docs/api/java.security.jgss/javax/security/auth/kerberos/KerberosPrincipal.html#%3Cinit%3E(java.lang.String)
>"The default realm can be specified either in a Kerberos configuration file or via the java.security.krb5.realm system property"
>"IllegalArgumentException - if name is improperly formatted, if name is null, or if name does not contain the realm to use and the default realm is not specified in either a Kerberos configuration file or via the java.security.krb5.realm system property"
If there was a "KeyTab.getInstance().exists()" call before the instantiation attempt IAE is thrown no matter that the property was set as the specification requires.
Consider the following example:
=========================
KeyTab.getInstance().exists();
System.out.println("Initially java.security.krb5.kdc = " + System.getProperty("java.security.krb5.kdc"));
System.setProperty("java.security.krb5.kdc", "example.com");
System.out.println("After setting java.security.krb5.kdc = " + System.getProperty("java.security.krb5.kdc"));
System.out.println("Initially java.security.krb5.realm = " + System.getProperty("java.security.krb5.realm"));
System.setProperty("java.security.krb5.realm", "Hello");
System.out.println("After setting java.security.krb5.realm = " + System.getProperty("java.security.krb5.realm"));
new KerberosPrincipal("Hi");
=========================
The output is:
Initially java.security.krb5.kdc = null
After setting java.security.krb5.kdc = example.com
Initially java.security.krb5.realm = null
After setting java.security.krb5.realm = Hello
Exception in thread "main" java.lang.IllegalArgumentException: KrbException: Cannot locate default realm
at java.security.jgss/javax.security.auth.kerberos.KerberosPrincipal.<init>(KerberosPrincipal.java:179)
at java.security.jgss/javax.security.auth.kerberos.KerberosPrincipal.<init>(KerberosPrincipal.java:130)
It's clearly seen that the properties are defined correctly however IllegalArgumentException is still thrown
- csr for
-
JDK-8235382 Clarify system property usage in KerberosPrincipal instantiation
-
- Closed
-