On 9/26/12 12:30 AM, Weijun Wang wrote: > Hi All > > Please take a look at > > http://cr.openjdk.java.net/~weijun/7201053/webrev.00/
Looks fine to me. --Sean > > In fact, even without this code change, LoginContext would wrap the NPE > inside a LoginException so no real harm will be made. However, it's > always nice to check for null before reference a variable, and an NPE > (no matter as a cause or in the message) is not user friendly. > > Thanks > Max > > > -------- Original Message -------- > 7201053: Krb5LoginModule shows NPE when both useTicketCache and storeKey > are set to true > > === *Description* > ============================================================ > useTicketCache normally used in the intiator side, and storeKey on the > acceptor side. When both are set to true, and a valid TGT is found > inside the cache, no password or keytab will be required, and therefore > no key to store. > > This combination is useless and should have been set to illegal. > However, some customers simply set a lot of arguments to true and this > will actually work if password or key is used. We don't want to break > their programs. > > For this case, when there is no key but storeKey is true, a proper > LoginException should be thrown. This is also consistent with the JDK 6 > behavior. >
