One final point.
You have the timeout set to 5 minutes in
+ * @run main/othervm/timeout=300 BogusKDC
Did you observe the test spending a lot of time? A kerberos client is
designed to timeout after 30 seconds if there is no reply from a KDC but
sometimes it could be very fast if the KDC does not exist (i.e. not
listening on the port at all). Sometimes it could be even slower if the
client believes the KDC is there and it will retry for 3 times. This can
also be platform dependent, for example, on Mac there is no
PortUnreachableException.
I suggest you add a "max_retries = 1" to [libdefaults] of krb5.conf in
case the worst thing happens. You can also add "kdc_timeout = 10s".
Don't make it too short, some embedded Linux are very slow.
I am trying to drag the review process longer so you can push it
yourself. :-)
Thanks
Max
On 07/17/2015 05:05 AM, Artem Smotrakov wrote:
Hi Max,
Good point, please see an updated webrev:
http://cr.openjdk.java.net/~asmotrak/8075297/webrev.01/
Artem
