United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
JDK-7110803 : SASL service for multiple hostnames

Details
Type:
Enhancement
Submit Date:
2011-11-11
Status:
Closed
Updated Date:
2014-01-03
Project Name:
JDK
Resolved Date:
2012-11-02
Component:
security-libs
OS:
generic
Sub-Component:
java.security
CPU:
generic
Priority:
P4
Resolution:
Fixed
Affected Versions:
8
Fixed Versions:

Related Reports
Relates:
Relates:
Relates:

Sub Tasks
JDK-8001104:

Description
In Sasl.createSaslServer() method, the serverName argument is documented as "[t]he non-null fully qualified host name of the server". This means a SASL service must specify the exact hostname it is serving at (say, my.host.com). This is not true any more in today's virtualized world in which a service might be serving clients from different networks by exposing different service names.

Update: the main bug will cover the SASL API change and trivial changes to mechanisms. Further enhancement for the GSSAPI/krb5 mech will be addressed in a sub task.

                                    

Comments
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/36f962518499
User:  weijun
Date:  2012-11-02 03:08:16 +0000

                                     
2012-11-02
URL:   http://hg.openjdk.java.net/jdk8/jdk8/jdk/rev/36f962518499
User:  lana
Date:  2012-11-06 21:24:27 +0000

                                     
2012-11-06
release note:

scope: Java SE
text: When creating a SASL server, the server name can be set to null to denote an unbound server, which means a client can request for the service using any server name. After a context is established, the server can retrieve the name as a negotiated property with the key name SASL.BOUND_SERVER_NAME.
                                     
2013-12-11
The What's New section of the release notes links to the Enhancements page of the security guide (docs/technotes/guides/security/enhancements-8.html), which contains a summary of this change.
                                     
2014-01-03



Hardware and Software, Engineered to Work Together