JDK-5067528 : Problem with Kerberos Obfuscated classes
  • Type: Bug
  • Component: security-libs
  • Sub-Component: org.ietf.jgss:krb5
  • Affected Version: 5.0
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • OS: generic
  • CPU: sparc
  • Submitted: 2004-06-24
  • Updated: 2004-09-22
  • Resolved: 2004-07-12
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
Java Kerberos uses UDP transport for ticket requests when communicating 
to the Key Distribution Center (KDC).

On Windows KDC, tickets can get very large. Hence a new feature was added
to fallback to using TCP transport. If the response cannot be handled
using UDP, KDC returns an error, KRB_ERR_RESPONSE_TOO_BIG. Java Kerberos
clients then retry the request using TCP transport.

PROBLEM: Some of the methods in obfuscated classes are unaccessible.

When using the Java Kerberos feature to fallback to TCP, the method called 
to send the TCP request is unaccessible via the obfusted classes, and an
"IllegalAccessError" is thrown. However this works well with unobfuscated classes.

NOTE: This problem is seen only with obfuscated classes, and currently
we ship the Kerberos plugin with obfuscation.

CONVERTED DATA BugTraq+ Release Management Values COMMIT TO FIX: 1.4.2_07 tiger-rc FIXED IN: tiger-rc INTEGRATED IN: tiger-b58 tiger-rc

EVALUATION ###@###.### 2004-06-23 This feature is heavly used by customers using Windows KDC. Need to fix the Kerberos classes in order to work correctly with obfuscation.