Looks fine except the following minor nit:
- Why not return realm on line 1224 after a match is found? Doesn't seem
necessary to continue w/ the whole for-loop.
Thanks,
Valerie
On 07/15/10 23:23, Weijun Wang wrote:
Updated webrev:
http://cr.openjdk.java.net/~weijun/6969292/webrev.01/
Changes:
checkRealm() return null instead of throwing an exception. (Thanks,
Alan).
Thanks
Max
On 07/15/2010 02:12 PM, Weijun Wang wrote:
Hi Valerie
6969292: make DNS lookup for realm/kdc really work
Webrev:
http://cr.openjdk.java.net/~weijun/6969292/webrev.00/
We've implemented DNS lookup for realm and kdc for some time, and have
made it default turned on in JDK 7. However, it's still not 100%
zero-configuration, a krb5.conf is needed to map hostname to realm.
This fix iterates thru ResolverConfiguration.open().searchlist() which
includes "search" or "domain" values in /etc/resolv.conf. The file
normally always exists on a linux/unix system. It would be nice to
directly get the "domain" name, but there's no public method to retrieve
it.
Maybe this trick should be performed at JNDI/DNS level, where a one-word
query item be automatically appended with elements in srchlist. However,
JNDI is quite stable and I don't want to touch it.
Vinnie, any comment?
I've tried this on brand new solaris-i586 and linux-x64 (VM) systems
(inside the SunWAN) with no krb5.conf and it works fine.
I also fix a small error, "_udp." -> "_udp", because the dot is added
again in the getKerberosService(*,*) method. Several debug lines are
added.
Thanks
Max
