[DOCS-3318] Java driver does not canonicalize server name for Kerberos automatically Created: 01/May/14 Updated: 27/Jul/16 Resolved: 03/Apr/15 |
|
| Status: | Closed |
| Project: | Documentation |
| Component/s: | ecosystem |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Task | Priority: | Critical - P2 |
| Reporter: | Alexander Komyagin | Assignee: | Michael Paik |
| Resolution: | Done | Votes: | 1 |
| Labels: | security | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||
| Participants: | |||||
| Days since reply: | 7 years, 29 weeks ago | ||||
| Description |
|
According to javadocs:
We should outline this in docs, as it's a great source of confusion on the client side. If the Kerberos service principal is using canonicalized instance name, and Java driver uses IP, then without the CANONICALIZE_HOST_NAME property you will be getting "Server not found in Kerberos database (7) - UNKNOWN_SERVER" exception from GSS. |
| Comments |
| Comment by Emily Hall [ 27/Jul/16 ] |
|
Closed for housekeeping on 7/27/2016 by Emily Hall. |
| Comment by Githook User [ 03/Apr/15 ] |
|
Author: {u'username': u'mpaik', u'name': u'Michael Paik', u'email': u'michael.paik@10gen.com'}Message:
|
| Comment by Githook User [ 03/Apr/15 ] |
|
Author: {u'username': u'mpaik', u'name': u'Michael Paik', u'email': u'michael.paik@10gen.com'}Message:
|
| Comment by Githook User [ 03/Apr/15 ] |
|
Author: {u'username': u'mpaik', u'name': u'Michael Paik', u'email': u'michael.paik@10gen.com'}Message:
|
| Comment by Jeffrey Yemin [ 01/May/14 ] |
|
Editable here: https://github.com/mongodb/docs-ecosystem/blob/master/source/tutorial/authenticate-with-java-driver.txt |
| Comment by Alexander Komyagin [ 01/May/14 ] |
|
I think this is the best place: http://docs.mongodb.org/ecosystem/tutorial/authenticate-with-java-driver/ |