[JAVA-2320] Add test automation for GSSAPI authentication on Windows Created: 23/Sep/16 Updated: 31/Jan/18 Resolved: 31/Jan/18 |
|
| Status: | Closed |
| Project: | Java Driver |
| Component/s: | Test Coverage |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Jeffrey Yemin | Assignee: | Unassigned |
| Resolution: | Duplicate | Votes: | 1 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||
| Description |
|
The Java driver automated test suite on Jenkins executes GSSAPI authentication on Linux. Although there is no Windows-specific code in the driver for GSSAPI authentication, we should still validate in Jenkins that it works properly, as there is a significant volume of platform-specific code for GSSAPI authentication within the JDK itself, and clients have historically had trouble getting GSSAPI authentication working on Windows with the Java driver. |
| Comments |
| Comment by Jeffrey Yemin [ 01/Dec/16 ] | |||||||||
|
See See javax.security.sasl.Sasl#MAX_BUFFER:
The default value for this is 65536. There is a bug in the JDK in which in incorrectly sends a non-zero value to the server even when there is no security layer defined. This is a violation of the RFC mentioned in the SERVER ticket, but one apparently that most implementations are relaxed about, but not the mongod server on Windows. Note also that this actually has nothing to do with GSSAPI using a Java client on Windows. It's the same code for Linux, Mac, etc. So no Java client can currently authenticate via GSSAPI to a mongod running on Windows. And any Java client, Windows or otherwise, can authenticate to a mongod running on Linux. | |||||||||
| Comment by rajesh [ 05/Nov/16 ] | |||||||||
|
Hi Jeff, we are facing this issue when connecting to MongoDB with javadriver using GSSAPI on windows environment. Connections through mongoshell and python driver seemes to be working fine. This problem is specific to windows environment as we were able to succesfully authenticate on centos. we are currently stuck due to this issue. is there any workaround for this issue ? mongodb log: Thanks, | |||||||||
| Comment by David Golub [ 23/Sep/16 ] | |||||||||
|
Server log output from attempting to connect to a MongoDB process using Kerberos on Windows with the Java driver:
|