[JAVA-4391] Accept "com.sun.security.jgss.initiate" as a default login context name for GSSAPI Created: 08/Nov/21  Updated: 28/Oct/23  Resolved: 19/Nov/21

Status: Closed
Project: Java Driver
Component/s: Security
Affects Version/s: None
Fix Version/s: 4.5.0

Type: Improvement Priority: Unknown
Reporter: Jeffrey Yemin Assignee: Jeffrey Yemin
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Documented
Related
related to JAVA-3836 Support a Kerberos ticket cache Closed
related to JAVA-4389 Getting com.mongodb.MongoSecurityExce... Closed
Backwards Compatibility: Fully Compatible
Documentation Changes: Needed

 Description   

In the 4.2 release, we introduced a new feature for caching Kerberos tickets: JAVA-3836. One of the consequences of that work is that the driver now by default always creates the Subject instance itself instead of relying on the JDK to do so. The LoginContext is now configured here. Note that the default is to use "com.sun.security.jgss.krb5.initiate" as the default login context name. In contrast, the JDK looks for both "com.sun.security.jgss.krb5.initiate" and "com.sun.security.jgss.initiate" (for reasons I'm not sure of). You can find that code here.

We should change the driver to also accept both login names.



 Comments   
Comment by Aarti Pillay [ 13/Feb/23 ]

Facing the same issue in version 4.6.0
Could you please help?
I am using Spring Boot 2.7.3

Comment by Githook User [ 19/Nov/21 ]

Author:

{'name': 'Jeff Yemin', 'email': 'jeff.yemin@mongodb.com', 'username': 'jyemin'}

Message: Support "com.sun.security.jgss.initiate" as Kerberos login context name (#827)

JAVA-4391
Branch: master
https://github.com/mongodb/mongo-java-driver/commit/17e3f0d8dee30c84bfffb05633107cbdd36435f0

Generated at Thu Feb 08 09:01:57 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.