Details
-
Type:
Bug
-
Status: Closed
-
Priority:
P2
-
Resolution: Won't Fix
-
Affects Version/s: 6, 7, 8
-
Fix Version/s: None
-
Component/s: security-libs
-
Labels:
-
Subcomponent:
Description
While requesting ticket, kinit requests proxiable & forwardable flags only if those are provided as input parameters: kinit -f -p
But if -f & -p flags are not defined, forwardable & proxiable values are not taken from krb5.conf file.
It looks confusing. Because default_realm & [realms] are used in the way it is defined in this Specification:
http://docs.oracle.com/javase/8/docs/technotes/guides/security/jgss/jgss-api-mechanism.html
While other flags are skipped.
But if -f & -p flags are not defined, forwardable & proxiable values are not taken from krb5.conf file.
It looks confusing. Because default_realm & [realms] are used in the way it is defined in this Specification:
http://docs.oracle.com/javase/8/docs/technotes/guides/security/jgss/jgss-api-mechanism.html
While other flags are skipped.
Attachments
Issue Links
- relates to
-
JDK-8044500 Add kinit options and krb5.conf flags that allow users to obtain renewable tickets and specify ticket lifetimes
-
- Closed
-
-
JDK-8075299 Additional tests for krb5 settings
-
- Closed
-