[
https://issues.jboss.org/browse/ELY-85?page=com.atlassian.jira.plugin.sys...
]
Jan Kalina edited comment on ELY-85 at 1/3/18 5:42 AM:
-------------------------------------------------------
Native Kerberos is supported, there are just following issues:
* properties like *sun.security.jgss.lib* needs to be set during JVM initialization - in
standalone.xml it is too late - need to set using JAVA_OPTS
* SASL mechanims GS2 will not work until JDK will be fixed - problem with null address in
channel binding cannot be workarounded
* mechanisms SASL GSSAPI and HTTP SPNEGO needs workaround of JDK-8194073 - implemented in
PR of ELY-85
Complete setup instructions at
https://hkalina.github.io/2018/01/02/gssproxy/
was (Author: honza889):
Native Kerberos is supported, there are just following issues:
* properties like *sun.security.jgss.lib* needs to be set during JVM initialization - in
standalone.xml it is too late - need to set using JAVA_OPTS
* SASL mechanims GS2 will work until JDK will be fixed - problem with null address in
channel binding cannot be workarounded
* mechanisms SASL GSSAPI and HTTP SPNEGO needs workaround of JDK-8194073 - implemented in
PR of ELY-85
Complete setup instructions at
https://hkalina.github.io/2018/01/02/gssproxy/
Support GSS-Proxy
-----------------
Key: ELY-85
URL:
https://issues.jboss.org/browse/ELY-85
Project: WildFly Elytron
Issue Type: Feature Request
Components: SASL
Reporter: Darran Lofthouse
Assignee: Jan Kalina
Fix For: 1.2.0.Beta13
GSS Proxy is something we should consider being able to support when running on an OS
that supports it: -
-https://fedorahosted.org/gss-proxy/-
https://pagure.io/gssproxy
The big first step will be to identify what is required to achieve this, is this
something that can be solved with a custom login module or does this also impact on the
Java supplied GSSAPI implementation.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)