Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8274205

Handle KDC_ERR_SVC_UNAVAILABLE error code from KDC

    XMLWordPrintable

Details

    Backports

      Description

        Current KRB5 implementation does not handle KDC_ERR_SVC_UNAVAILABLE error code after sending the AS Request to the specified KDC. Implementation treats all error codes from KDC (except of KRB_ERR_RESPONSE_TOO_BIG) as terminal and does not retry with another available KDC if possible.
        KDC_ERR_SVC_UNAVAILABLE is defined as "A service is not available" in the RFC4120 [1]. KDC sends this error indicating temporary error, for example if server has been restarting.
        MIT implementation handles KDC_ERR_SVC_UNAVAILABLE error from KDC and reattempts to connect to the next KDC as per the config [2]. I suggest to do the same.
          [1] - https://datatracker.ietf.org/doc/html/rfc4120#section-7.5.9
          [2] - https://krbdev.mit.edu/rt/Ticket/Display.html?id=3334

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8275701 Handle KDC_ERR_SVC_UNAVAILABLE error code from KDC

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8303231 Handle KDC_ERR_SVC_UNAVAILABLE error code from KDC

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8303343 Handle KDC_ERR_SVC_UNAVAILABLE error code from KDC

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8303753 Handle KDC_ERR_SVC_UNAVAILABLE error code from KDC

            • P3 - Major loss of function.
            • Resolved
            links to

            Commit Commit openjdk/jdk17u/844d8bf8

            Commit Commit openjdk/jdk/5ba0d09f

            Review Review openjdk/jdk17u/207

            Review Review openjdk/jdk/5658

            Activity

              People

                abakhtin Alexey Bakhtin
                abakhtin Alexey Bakhtin
                Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: