directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jiajia Li (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DIRKRB-638) KerbyGssAppTest fails when there is no keytab on the service side
Date Thu, 03 Aug 2017 03:07:02 GMT

    [ https://issues.apache.org/jira/browse/DIRKRB-638?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16112103#comment-16112103
] 

Jiajia Li commented on DIRKRB-638:
----------------------------------

In Krb5LoginModule:
{code}
                kerbKeys = new KerberosKey[encKeys.length];
                for (int i = 0; i < encKeys.length; i ++) {
                    Integer temp = encKeys[i].getKeyVersionNumber();
                    kerbKeys[i] = new KerberosKey(kerbClientPrinc,
                                          encKeys[i].getBytes(),
                                          encKeys[i].getEType(),
                                          (temp == null?
                                          0: temp.intValue()));
{code}

The temp is null, and it set the kvno as 0, but when adding the principal, the default kvno
is 1. That's why the kvno is not equal.

> KerbyGssAppTest fails when there is no keytab on the service side
> -----------------------------------------------------------------
>
>                 Key: DIRKRB-638
>                 URL: https://issues.apache.org/jira/browse/DIRKRB-638
>             Project: Directory Kerberos
>          Issue Type: Bug
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 1.1.0
>
>         Attachments: DIRKRB-638.patch, DIRKRB-638-V2.patch
>
>
> When we log in via a username/password on the service side, as opposed to a keytab, the
KerbyGssAppTest does not work, as GssAcceptCred is only written to handle keytabs.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message