JDK-6350061 : JGSS requires big-endian credential cache
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 5.0
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • OS: linux
  • CPU: x86
  • Submitted: 2005-11-14
  • Updated: 2010-11-04
  • Resolved: 2005-12-03
Version table:
  • Other: 1.4.2_12 (Fixed)
  • JDK 6: 6 b63 (Fixed)
Description
A DESCRIPTION OF THE REQUEST :
The JGSS Kerberos implementation expects the credential cache file specified in KRB5CCNAME to be stored in network (big-endian) byte order.

However, the file created by the kinit(1) distributed with other Kerberos vendors (e.g. MIT) is stored in host byte order. This means that on little-endian architectures used for Linux and win32 hosts the file cannot be read in Java without using the kinit distributed with Java.


JUSTIFICATION :
The purpose of Kerberos is single sign-on. With a very small change -- simply toggling the byte order of integers in the credential cache file depending on the host architecture -- JGSS could cleanly interoperate with existing Kerberos implementations.

EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
JGSS should create and read the Kerberos credential cache file in a byte order dependent on the host architecture.
ACTUAL -
JGSS creates and reads the Kerberos credential cache file in big-endian byte order only.

CUSTOMER SUBMITTED WORKAROUND :
The temporary solution is to rewrite the credential cache into the correct byte order before JGSS attempts to use it.  This is a huge hack and requires parsing the non-trivial binary ticket file format.

Comments
EVALUATION
I don't think the problem here is with Java GSS. Java GSS can read credential cache created by MIT. See comments for details.
Seema Malkani, 16-11-2005
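
A triage helper for this kind of interoperability report, added here as an example (it is not code from the JDK or from this report): it reads the first bytes of a FILE credential cache and reports the format version and the integer byte order that version implies. The version-to-byte-order mapping and the version 4 header layout follow the MIT krb5 file-format documentation rather than this page; the function name and the sample bytes are constructed for illustration.

```python
import struct

# Constructed sample: version 4 header with one tag (1 = KDC time offset),
# followed by the first field of the default principal (name type).
SAMPLE_V4 = bytes.fromhex("0504" "000c" "0001" "0008" "0000000000000000" "00000001")
# Constructed sample: version 2 cache, integers in the writer's host byte order.
SAMPLE_V2 = bytes.fromhex("0502" "01000000")


def ccache_header(data: bytes) -> dict:
    """Classify a credential cache from its leading bytes (hypothetical helper)."""
    if len(data) < 2 or data[0] != 5:
        raise ValueError("not a krb5 credential cache (first byte must be 0x05)")
    version = data[1]
    if version not in (1, 2, 3, 4):
        raise ValueError(f"unknown ccache format version {version}")
    info = {
        "version": version,
        # Versions 1 and 2 use the writing host's byte order;
        # versions 3 and 4 are always big-endian.
        "byte_order": "host" if version <= 2 else "big-endian",
        "header_tags": [],
    }
    offset = 2
    if version == 4:
        # Version 4 adds a 16-bit header length, then (tag, length, value) fields.
        if len(data) < offset + 2:
            raise ValueError("truncated version 4 header length")
        (hlen,) = struct.unpack_from(">H", data, offset)
        offset += 2
        end = offset + hlen
        if end > len(data):
            raise ValueError("header length runs past end of file")
        while offset < end:
            if end - offset < 4:
                raise ValueError("truncated header tag")
            tag, tlen = struct.unpack_from(">HH", data, offset)
            offset += 4
            if offset + tlen > end:
                raise ValueError("header tag value runs past header")
            info["header_tags"].append((tag, data[offset:offset + tlen]))
            offset += tlen
    # Offset at which the default principal record begins.
    info["principal_offset"] = offset
    return info
```

Run against the first few dozen bytes of the file named in KRB5CCNAME, this shows whether a cache that fails to load is in a host-order (version 1 or 2) or a big-endian (version 3 or 4) format before anyone attempts to rewrite it.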