Core review request: 8001104: Unbound SASL service: the GSSAPI/krb5 mech (original) (raw)

Weijun Wang weijun.wang at oracle.com
Fri Jan 25 07:08:45 UTC 2013


Hi All

Please review this code change

webrev: http://cr.openjdk.java.net/~weijun/8001104/webrev.01/ bug: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8001104

This is the final part of unbound kerberos server, now on all three layers of using kerberos you don't need to specify a server name, i.e.

In SASL:

Sasl.createServer("GSSAPI", "protocol", null, ...)

In JGSS:

gssManager.createContext(null) or
gssManager.createCredential(null, ...)

And in JAAS login config file

server {
   com.sun.security.auth.module.Krb5LoginModule required
   principal=* useKeyTab=true;
};

Thanks Max



More information about the security-dev mailing list