Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Critical
Fix Version/s: 7.2.0.CD12
Affects Version/s: 7.1.0.DR18
Component/s: Security
Labels:
- eap71_priority
- eap72

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.2.0.CD12
Git Pull Request:
https://github.com/wildfly/wildfly-core/pull/2891

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

IBM jdk creates kerberos ticket on server side - in other words validates server kerberos configuration.

This is different to how Oracle/OpenJDK works, where this behaviour can be switch on with obtain-kerberos-ticket attribute [1].

Main question here is, could be this default IBM java behaviour switched off? .

Because this can make troubles when KDC is temporary down - with IBM java it won't be possible to fallback to another authentication.

Basically, this is separate tracking issue for this comment [2]

[1] https://issues.jboss.org/browse/JBEAP-10246?focusedCommentId=13392098&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-13392098
[2] https://issues.jboss.org/browse/JBEAP-10653?focusedCommentId=13407417&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13407417

is cloned by

ELY-1406 Elytron, IBM SPNEGO misconfiguration handling difference

Resolved

WFCORE-3361 Elytron, IBM SPNEGO misconfiguration handling difference

Resolved

is related to

JBEAP-12932 Upgrade WildFly Core to 4.0.1.Final

Closed

Assignee:: Jan Kalina (Inactive)

Reporter:: Martin Choma

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2017/05/22 6:06 AM

Updated:: 2024/09/02 3:49 PM

Resolved:: 2017/12/04 8:01 PM