Hi Colm, Thanks for your feedback.
Now kerby gets KDC port from the realm section of krb5.conf by default. If the port is null, which got from the realm section, kerby will get port from krbSetting. So I think you can try to configure the KDC string without specify the port of your test KDC, which belongs to the realm section of krb5.conf, then kerby will use the port set on krbSetting. Sorry for the late reply. Regards, Frank -----Original Message----- From: Colm O hEigeartaigh [mailto:[email protected]] Sent: Thursday, October 26, 2017 6:56 PM To: [email protected] Subject: Possible (minor) regression in ClientUtil Hi all, I noticed a possible regression in ClientUtil caused by this patch: commit e0c1998b7d02587d5eb0850730ee8b873dca46ca Author: plusplusjiajia <[email protected]> Date: Thu Sep 14 20:57:33 2017 +0800 DIRKRB-657 Implement kinit tool to get tgt ticket from remote realm. Contributed by Frank. The problem is that ClientUtil.getKDCList we no longer call: - kdcList.add(krbSetting.getKdcHost()); instead, we try first to get the address from the realm section of the krb5.conf. The problem arises if the krb5.conf contains an old port for the KDC, it will use this instead of using the correctly port contained in krbSetting.getKdcHost(). I ran into the problem as my /etc/krb5.conf contains an old setting for a given realm, and the test code was picking this port up instead of the port set on krbSetting. Any thoughts on how to handle this? Colm. -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
