[
https://issues.jboss.org/browse/ELY-1406?page=com.atlassian.jira.plugin.s...
]
Jan Kalina moved JBEAP-13523 to ELY-1406:
-----------------------------------------
Project: WildFly Elytron (was: JBoss Enterprise Application Platform)
Key: ELY-1406 (was: JBEAP-13523)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: Credentials
(was: Security)
Affects Version/s: 1.2.0.Beta6
(was: 7.1.0.DR18)
Elytron, IBM SPNEGO misconfiguration handling difference
--------------------------------------------------------
Key: ELY-1406
URL:
https://issues.jboss.org/browse/ELY-1406
Project: WildFly Elytron
Issue Type: Bug
Components: Credentials
Affects Versions: 1.2.0.Beta6
Reporter: Jan Kalina
Assignee: Jan Kalina
Priority: Critical
IBM jdk creates kerberos ticket on server side - in other words validates server kerberos
configuration.
This is different to how Oracle/OpenJDK works, where this behaviour can be switch on with
obtain-kerberos-ticket attribute [1].
Main question here is, could be this default IBM java behaviour switched off? .
Because this can make troubles when KDC is temporary down - with IBM java it won't be
possible to fallback to another authentication.
Basically, this is separate tracking issue for this comment [2]
[1]
https://issues.jboss.org/browse/JBEAP-10246?focusedCommentId=13392098&...
[2]
https://issues.jboss.org/browse/JBEAP-10653?focusedCommentId=13407417&...
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)