Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-6355584

introduce constrained Kerberos delegation

    XMLWordPrintable

Details

    • b65
    • generic
    • generic
    • Verified

    Backports

      Description

        If a service account is trusted for delegation, it can request
        service tickets on behalf of an authenticated user to any other
        service accounts.

        Constrained delegation is a way to restrict the service accounts
        for which service tickets can be obtained. This seems a useful
        feature to introduce.

        See also: Comments section.

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8168922 introduce constrained Kerberos delegation

            • P3 - Major loss of function.
            • Closed
            duplicates

            Bug - A problem which impairs or prevents the functions of the product. JDK-7196902 GSSCredential doesn't return correct val for getRemainingLifetime() & getRemainingInitLifetime(oid)

            • P3 - Major loss of function.
            • Closed
            relates to

            Enhancement - null JDK-6966259 should a principalname object always have a realm?

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Closed

            Bug - A problem which impairs or prevents the functions of the product. JDK-8044215 Unable to initiate SpNego using a S4U2Proxy GSSCredential (Krb5ProxyCredential)

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            JEP - Java Enhancement Proposal JDK-8046103 JEP 113: MS-SFU Kerberos 5 Extensions

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Closed

            Activity

              People

                weijun Weijun Wang
                clucasius Carlos Lucasius (Inactive)
                Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:
                  Imported:
                  Indexed: