JDK-8001104 : Unbound SASL service: the GSSAPI/krb5 mech
- Type: Sub-task
- Component: security-libs
- Sub-Component: org.ietf.jgss:krb5
- Priority: P4
- Status: Closed
- Resolution: Fixed
- Submitted: 2012-10-18
- Updated: 2017-05-17
- Resolved: 2013-02-09
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 8 |
|---|
8 b78Fixed  |
Related Reports
|
Duplicate :
|
|
|
Duplicate :
|
|
|
Relates :
|
|
|
Relates :
|
Description
Further enable unbound SASL for the GSSAPI/krb5 mech, so that the server can accept requests to any service that it has keys in its keytab. Precisely, in the main task, we can already create a GSSAPI SASL server with serverName == null, but the service principal is still a concrete value that must be provided by the underlying mechanism, in this case, the principal value in the JAAS login conf file. In this sub task, there is no need to specify this principal field anymore. The client can request for any service principal name, as long as the server can find keys for the service principal in its keytab file, the authentication can go on and the server acts as that principal.
Comments
|