JDK-7184815 : [macosx] Need to read Kerberos config in files
- Type: Bug
- Component: security-libs
- Sub-Component: java.security
- Affected Version: 8
- Priority: P3
- Status: Closed
- Resolution: Fixed
- OS: os_x
- CPU: generic
- Submitted: 2012-07-18
- Updated: 2013-09-12
- Resolved: 2012-09-01
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 7 | JDK 8 |
|---|---|
7u40 b06Fixed  |
8Fixed |
Related Reports
|
Relates :
|
Description
On Mac since Lion, sun.security.krb5.Config tries to locate the config info in this order:
1. java.security.krb5.conf system property
2. ${jre}/lib/security/krb5.conf
3. SCDynamicStoreConfig
The main difference from other platforms is that it will not try config files, say, /Library/Preferences/edu.mit.Kerberos or /etc/krb5.conf.
On the other hand, even /usr/bin/kinit comes with Lion reads the config file (if there is no SCDynamicStoreConfig setting).
It seems perfectly reasonable that if there are no SCDynamicStoreConfig entries, falling back to reading the legacy config files may be a valid option.
Comments
|