Hi Bino
2. Reading native memory-based credentials cache into Credentials objects
I don't think we do this in JDK6 either.
I just tried OS X's builtin kinit and klist command:
$ kinit dummy
Please enter the password for [email protected]:
$ klist
Kerberos 5 ticket cache: 'API:Initial default ccache'
...
So here the ccache name is "API:Initial default ccache", which looks
like an in-memory ccache. At least I cannot find normal file-based
ccache file named /tmp/krb5cc_**.
There is also a difference between Apple's JDK 6u29 and the current
macosx-port OpenJDK build when calling the following method:
sun.security.krb5,Credentials.acquireTGTFromCache()
It returns a valid credential (which is identical to the klist output)
in Apple's 6u29, but the macosx-port one returns null. So it seems the
Apple JDK can see the special ccache object but macosx-port cannot.
Thanks
Max
Regards
Bino.
On Oct 14, 2011, at 10:38 AM, Weijun Wang wrote:
Hi Mike
I'm working in the Java SE Security Team in Oracle. Apple's JRE (at
least in the JDK 6 releases) supports some extra Kerberos features for
OS X. As I know, at least there are:
1. Looking for krb5.conf at /Library/Preferences/edu.mit.Kerberos
2. Reading native memory-based credentials cache into Credentials objects
I didn't see them on the Project Status page [1]. Is it because they
are too trivial to be listed or you're not going to support them?
Thanks
Max
[1] http://wikis.sun.com/display/OpenJDK/Mac+OS+X+Port+Project+Status
