Uploaded image for project: 'Java Driver'
  1. Java Driver
  2. JAVA-4391

Accept "com.sun.security.jgss.initiate" as a default login context name for GSSAPI

    XMLWordPrintableJSON

Details

    • Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Unknown Unknown
    • 4.5.0
    • None
    • Security
    • None
    • Fully Compatible
    • Needed

    Description

      In the 4.2 release, we introduced a new feature for caching Kerberos tickets: JAVA-3836. One of the consequences of that work is that the driver now by default always creates the Subject instance itself instead of relying on the JDK to do so. The LoginContext is now configured here. Note that the default is to use "com.sun.security.jgss.krb5.initiate" as the default login context name. In contrast, the JDK looks for both "com.sun.security.jgss.krb5.initiate" and "com.sun.security.jgss.initiate" (for reasons I'm not sure of). You can find that code here.

      We should change the driver to also accept both login names.

      Attachments

        Activity

          People

            jeff.yemin@mongodb.com Jeffrey Yemin
            jeff.yemin@mongodb.com Jeffrey Yemin
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: