Please take a review at
http://cr.openjdk.java.net/~weijun/8186884/webrev.00/
BasicProc.java is enhanced to use a native JGSS provider, and KDC.java is
enhanced to start (not use) a native KDC. For example, you would be able to
test interop among Java JGSS, native JGSS (with MIT krb5) and Heimdal KDC with
jtreg -Dnative.krb5.lib=/usr/local/krb5/lib/libgssapi_krb5.so \
-Dnative.kdc.path=/usr/local/heimdal \
test/sun/security/krb5/auto/BasicProc.java
Without those 2 new system properties, it behaves like before, i.e. Java GSS on
the embedded KDC.
Another change in Context.java. Instead of using shared states to provide
username and password when doing a krb5 login, a callback handler is used. This
is considered more common. An extra permission is needed to read the default
username (though I think this can coded as optional).
Thanks
Max
