Bug 1186129 - KDC IPv6 addresses are not supported in krb5.conf in IBM JDK 6
Summary: KDC IPv6 addresses are not supported in krb5.conf in IBM JDK 6
Keywords:
Status: CLOSED EOL
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Security
Version: 6.4.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: ---
Assignee: Darran Lofthouse
QA Contact: Pavel Slavicek
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-01-27 07:15 UTC by Josef Cacek
Modified: 2019-08-19 12:45 UTC (History)
3 users (show)

Fixed In Version:
Clone Of:
: 1186132 (view as bug list)
Environment:
Last Closed: 2019-08-19 12:45:34 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1189141 0 unspecified CLOSED Clean-up tests which use Kerberos in the EAP testsuite 2021-02-22 00:41:40 UTC
Red Hat Bugzilla 1266482 0 unspecified CLOSED [QE] Skip Kerberos tests in IPv6 environments when hostname is not configured 2021-02-22 00:41:40 UTC

Internal Links: 1189141 1266482

Description Josef Cacek 2015-01-27 07:15:40 UTC 
If the KDC server hostname used in krb5.conf is defined as an IPv6 address, then the com.ibm.security.auth.module.Krb5LoginModule fails because it wrongly parses the value. It uses only the part before the first colon as the hostname.

For instance krb5.conf contains:
[realms]
	JBOSS.ORG = {
		kdc = [2620:52:0:2804:5425:b1c4:c62d:82f4]:6088
	}

and the Krb5LoginModule tries to connect to a host "[2620".

Exception stack trace:
javax.security.auth.login.FailedLoginException: Login error: java.net.UnknownHostException: [2620
	at com.ibm.security.jgss.i18n.I18NException.throwFailedLoginException(I18NException.java:29)
	at com.ibm.security.auth.module.Krb5LoginModule.j(Krb5LoginModule.java:128)
...
Note You need to log in before you can comment on or make changes to this bug.