Uploaded image for project: 'Directory Kerberos'
  1. Directory Kerberos
  2. DIRKRB-631

Not compatible with MIT Kerberos 1.11+

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.0.0-RC2, 1.0.0
    • 1.0.1
    • None
    • None
    • Debian, Fedora

    Description

      The Kerby kdc does not accept preauthication form a MIT Kerberos client starting from version 1.11. V1.11 hallmarks the implementation of the FAST OTP standard in MIT Kerberos, apparently with changes not understood by Kerby.
      More details on stacktraces are available from:
      http://mail-archives.apache.org/mod_mbox/directory-kerby/201705.mbox/browser
      A failing test is available from:
      https://github.com/vtslab/directory-kerby/tree/MitIssue

      Without an update on Mit Kerberos compatibility Directory Kerby is not usable for testing kerberos functionality in Apache TInkerpop's gremlin-python module (the more so because the Mit Kerberos 1.10 source distribution does not compile anymore with the gcc-5.x from recent LTS Linux distributions).

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. DIRKRB-614 Kerby (simplekdc) fails to handle unknown PADATA

          • Major - Major loss of function.
          • Closed

          Activity

            People

              jiajia Jiajia Li
              HadoopMarc Marc de Lignie
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: