Uploaded image for project: 'Teiid'
  1. Teiid
  2. TEIID-4183

MSSQL JDBC driver invalidates kerberos ticket on Connection.close()

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • 9.1, 8.12.5
    • 8.12.x, 8.7.5.6_2
    • JDBC Connector
    • None

    Description

      MSSQL JDBC driver invalidate kerberos ticket on Connection.close() (related bugzilla [1]).
      If user creates kerberos connection, driver invalidates ticket on closing connection (Connection.close()). Therefore ticket cannot be re-used. EAP team creates a workaround for this by adding module option wrapGSSCredential=true with additional setting credentialLifetime=-1 [2, 3, 4, 5]. This works for static kerberos authentication.
      However, passthrough authentication (org.teiid.jboss.PassthroughIdentityLoginModule) does not work, because passed ticket is not managed by EAP but by client.

      [1] https://bugzilla.redhat.com/show_bug.cgi?id=1097276
      [2] https://bugzilla.redhat.com/show_bug.cgi?id=1097276#c58
      [3] https://issues.jboss.org/browse/SECURITY-905
      [4] https://issues.jboss.org/browse/JBEAP-843
      [5] https://github.com/wildfly-security/jboss-negotiation/commit/0c7e06f58a79855d5ae2fbe6cb662e90baf7a5d4

      Attachments

        Activity

          People

            rhn-support-jolee Johnathon Lee
            jdurani Juraj DurĂ¡ni (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: