Mercurial > hg > shenandoah-preopenjdk-archive > openjdk8 > jdk
changeset 10196:64bbdc0360cd
8044215: Unable to initiate SpNego using a S4U2Proxy GSSCredential (Krb5ProxyCredential)
Reviewed-by: mullan
author | weijun |
---|---|
date | Tue, 14 Oct 2014 10:08:32 +0800 |
parents | f7337085ddbd |
children | a6b81ca3248a |
files | src/share/classes/sun/security/jgss/krb5/Krb5Context.java test/sun/security/krb5/auto/S4U2proxy.java |
diffstat | 2 files changed, 10 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/classes/sun/security/jgss/krb5/Krb5Context.java Mon Oct 13 11:25:42 2014 -0700 +++ b/src/share/classes/sun/security/jgss/krb5/Krb5Context.java Tue Oct 14 10:08:32 2014 +0800 @@ -241,8 +241,11 @@ * establishment. */ public final void requestCredDeleg(boolean value) throws GSSException { - if (state == STATE_NEW && isInitiator()) - credDelegState = value; + if (state == STATE_NEW && isInitiator()) { + if (myCred == null || !(myCred instanceof Krb5ProxyCredential)) { + credDelegState = value; + } + } } /**
--- a/test/sun/security/krb5/auto/S4U2proxy.java Mon Oct 13 11:25:42 2014 -0700 +++ b/test/sun/security/krb5/auto/S4U2proxy.java Tue Oct 14 10:08:32 2014 +0800 @@ -23,7 +23,7 @@ /* * @test - * @bug 6355584 + * @bug 6355584 8044215 * @summary Introduce constrained Kerberos delegation * @compile -XDignore.symbol.file S4U2proxy.java * @run main/othervm S4U2proxy krb5 @@ -69,6 +69,10 @@ Context p = s.delegated(); p.startAsClient(OneKDC.BACKEND, mech); + + // 8044215: requestCredDeleg is useless and harmless + p.x().requestCredDeleg(true); + b.startAsServer(mech); Context.handshake(p, b);