JDK-8153932 : Update Kerberos 5 GSS-API Mechanism technotes
- Type: Enhancement
- Component: docs
- Sub-Component: guides
- Affected Version: 9
- Priority: P3
- Status: Resolved
- Resolution: Fixed
- Submitted: 2016-04-11
- Updated: 2016-08-23
- Resolved: 2016-08-23
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 9 |
|---|
9Fixed  |
Related Reports
|
Relates :
|
|
|
Relates :
|
|
|
Relates :
|
|
|
Relates :
|
Description
Kerberos 5 enhancements for http://download.java.net/jdk9/docs/technotes/guides/security/jgss/jgss-api-mechanism.html. In "Supported krb5.conf Settings":
1. Update "In Java SE 7" to "In Java SE 9".
2. Prepend the following 2 lines before "[libdefaults]":
include FILENAME
includedir DIRNAME
3. Add 3 new lines at the end of the "[libdefaults]" section:
max_retries =
renew_lifetime =
ticket_lifetime =
4. Update the "[realms]" section to
[realms]
REALM.NAME = {
kdc =
kdc_timeout =
udp_preference_limit =
max_retries =
}
5. In the default values part, update these values:
udp_preference_limit from -1 to "1465 (-1 in JDK 7)"
kdc_timeout from "30000" to "30s (30000 in JDK 7)"
dns_lookup_realm from true to false, and remove the "(false in JDK 6)" words
Comments
|