On 20.05.2013 09:42, Emmanuel Lécharny wrote: > Le 5/20/13 8:54 AM, Stefan Seelmann a écrit : >> Hi Emmanuel, >> >> On 20.05.2013 08:35, Emmanuel Lécharny wrote: >>> So the problem appears to be that we create an entry which >>> KerberosPrincipal is ldap/[email protected], but for some unknown >>> reason, we are looking for an entry which kerberos principal is >>> ldap/[email protected]. >>> >>> It looks like that there is some name resolution occuring somewhere on >>> Mac OSX... Either we don't store the correct KerberosPrincipal, or we >>> have a conversion we don't asked for. >>> >>> I'm investigating... >>> >> Please check the constructor of SaslBindIT. I remember that I added some >> magic code to detect how the machine resolves 127.0.0.1 because Windows >> 7 made some trouble. > > Yes, saw that. > > I just committed some code that fixes the issue on Mac OSX, it would be > cool to check if it still works on windows and linux ! > See > > http://svn.apache.org/r1484387 >
On Windows two GSSAPI SASL bind tests fail: https://builds.apache.org/job/dir-apacheds-jdk16-win/399/ On my Linux machine the SaslBindIT.testSaslGssApiBind() fails also. If I debug into TicketGrantingService,getRequestPrincipalEntry() the tgsContext.getRequest().getKdcReqBody().getSName() contains "localhost.localdomain". I checked my /etc/hosts and there I have the following entry: 127.0.0.1 localhost.localdomain localhost When I change that entry to the following the test works. 127.0.0.1 localhost When I revert your commit the test also works as InetAddress.getByName("127.0.0.1").getHostName() returns "localhost.localdomain" Can you please check your /etc/hosts if you have an entry for 127.0.0.1? More important: Somewhere in the production code the IP 127.0.0.1 is resolved to "localhost.localdomain" or whatever /etc/hosts contains. Where does that happen? Does the KRB client does that and sends the resolved name to the server? Or does the server resolve the name when a connection is made? In the end the principal name contains "localhost.localdomain". I think to have a stable test the test setup needs to use the same mechanism to lookup the hostname as the production code. Kind Regards, Stefan
