Uploaded image for project: 'Java Driver'
  1. Java Driver
  2. JAVA-4391

Accept "com.sun.security.jgss.initiate" as a default login context name for GSSAPI

    • Type: Icon: Improvement Improvement
    • Resolution: Fixed
    • Priority: Icon: Unknown Unknown
    • 4.5.0
    • Affects Version/s: None
    • Component/s: Security
    • None
    • Fully Compatible
    • Needed

      In the 4.2 release, we introduced a new feature for caching Kerberos tickets: JAVA-3836. One of the consequences of that work is that the driver now by default always creates the Subject instance itself instead of relying on the JDK to do so. The LoginContext is now configured here. Note that the default is to use "com.sun.security.jgss.krb5.initiate" as the default login context name. In contrast, the JDK looks for both "com.sun.security.jgss.krb5.initiate" and "com.sun.security.jgss.initiate" (for reasons I'm not sure of). You can find that code here.

      We should change the driver to also accept both login names.

            Assignee:
            jeff.yemin@mongodb.com Jeffrey Yemin
            Reporter:
            jeff.yemin@mongodb.com Jeffrey Yemin
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: