[jboss-jira] [JBoss JIRA] (ELY-1406) Elytron, IBM SPNEGO misconfiguration handling difference
Jan Kalina (JIRA)
issues at jboss.org
Tue Oct 17 04:23:00 EDT 2017
[ https://issues.jboss.org/browse/ELY-1406?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jan Kalina moved JBEAP-13523 to ELY-1406:
-----------------------------------------
Project: WildFly Elytron (was: JBoss Enterprise Application Platform)
Key: ELY-1406 (was: JBEAP-13523)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: Credentials
(was: Security)
Affects Version/s: 1.2.0.Beta6
(was: 7.1.0.DR18)
> Elytron, IBM SPNEGO misconfiguration handling difference
> --------------------------------------------------------
>
> Key: ELY-1406
> URL: https://issues.jboss.org/browse/ELY-1406
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Credentials
> Affects Versions: 1.2.0.Beta6
> Reporter: Jan Kalina
> Assignee: Jan Kalina
> Priority: Critical
>
> IBM jdk creates kerberos ticket on server side - in other words validates server kerberos configuration.
> This is different to how Oracle/OpenJDK works, where this behaviour can be switch on with obtain-kerberos-ticket attribute [1].
> Main question here is, could be this default IBM java behaviour switched off? .
> Because this can make troubles when KDC is temporary down - with IBM java it won't be possible to fallback to another authentication.
> Basically, this is separate tracking issue for this comment [2]
> [1] https://issues.jboss.org/browse/JBEAP-10246?focusedCommentId=13392098&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-13392098
> [2] https://issues.jboss.org/browse/JBEAP-10653?focusedCommentId=13407417&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13407417
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list