Uploaded image for project: 'C# Driver'
  1. C# Driver
  2. CSHARP-836

GSSAPI Authentication doesn't respect the package's MaxTokenSize

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: 1.8, 1.8.1, 1.8.2
    • Fix Version/s: 1.9
    • Component/s: None
    • Labels:
      None

      Description

      Extraordinarily large users (members of a large number of AD groups) cannot authenticate via Kerberos because the buffers we allocate are too small. Security packages in Windows have a default max token size of 12k bytes which we have hardcoded. This has changed in Windows 2012 to 48k bytes. In addition, it is possible for users to change the MaxTokenSize in their registry. As such, we should be querying the kerberos package info for this value.

        Attachments

          Activity

            People

            Assignee:
            craiggwilson Craig Wilson
            Reporter:
            craiggwilson Craig Wilson
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: