[KNOX-1832] KnoxSession handling of JAAS config for kerberos auth is not deterministic - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.3.0
Fix Version/s: 1.3.0
Component/s: KnoxShell
Labels:
None

Description

The KnoxShell kerberos authentication support depends on the default facility for locating the JAAS Configuration to apply, defaulting to the jaas.conf file packaged in its own JAR. In some cases, an alternative JAAS conf has been set (overriding the internal one), which likely does not have the expected entry (i.e., "com.sun.security.jgss.initiate").

Instead, a Configuration instance based explicitly on this internal jaas.conf file can be created and employed, making the behavior much more deterministic.

Attachments

Activity

People

Assignee:: Philip Zampino

Reporter:: Philip Zampino

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 20/Mar/19 16:10

Updated:: 21/Oct/19 14:24

Resolved:: 20/Mar/19 17:24