Details
-
Bug
-
Resolution: Done
-
Blocker
-
None
-
None
Description
Krb5LoginModule options are not configurable. I mean there are some of them exposed (debug, keytab, acceptor/initiator), but not all. In my opinion, sooner or later customers will hunt us to provide all of them. Because there are various use-cases out there needing to tweak kerberos configuration somehow. Legacy KerberosLoginModule exposed these options https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/login-module-reference/#kerberos_login_module
if (debug) { options.put("debug", "true"); } options.put("principal", principal); final AppConfigurationEntry ace; if (IS_IBM) { options.put("noAddress", "true"); options.put("credsType", isServer ? "acceptor" : "initiator"); options.put("useKeytab", keyTab.toURI().toURL().toString()); ace = new AppConfigurationEntry(IBMKRB5LoginModule, REQUIRED, options); } else { options.put("storeKey", "true"); options.put("useKeyTab", "true"); options.put("keyTab", keyTab.getAbsolutePath()); options.put("isInitiator", isServer ? "false" : "true"); ace = new AppConfigurationEntry(KRB5LoginModule, REQUIRED, options); }
^ GSSCredentialSecurityFactory
Attachments
Issue Links
- clones
-
-
- Verified
-
-
-
- Resolved
-
