729502 – Kerberos auth failing to work in openjdk due to two upstream bugs

Bug 729502 - Kerberos auth failing to work in openjdk due to two upstream bugs

Summary: Kerberos auth failing to work in openjdk due to two upstream bugs

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	java-1.6.0-openjdk
Sub Component:
Version:	5.6
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Deepak Bhole
QA Contact:	Lukáš Zachar
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	846709
TreeView+	depends on / blocked

Reported:	2011-08-09 23:15 UTC by Graeme Gillies
Modified:	2013-01-11 04:01 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2013-01-08 07:44:04 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2013:0099	0	normal	SHIPPED_LIVE	java-1.6.0-openjdk bug fix update	2013-01-07 15:41:01 UTC

Description Graeme Gillies 2011-08-09 23:15:43 UTC

Hi. We are attempting to use java authentication with our j2ee application, but we are experiencing two problems which have already been lodged as bugs in openjdk upstream.

http://bugs.sun.com/view_bug.do?bug_id=6979329
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6815182

They have been fixed in java7, but we would like to get these fixes backported into java6 and shipped as an errata so that kerberos authentication works.

At the moment we have to run our own patched jvm (using patches from the commits against the issues above) but would like to move back to a rhel supported package

Comment 5 Deepak Bhole 2011-09-09 17:36:22 UTC

Graeme, is there a testcase for this that I can try?

Comment 6 Graeme Gillies 2011-09-11 23:10:07 UTC

Hi Deepak,

Is there anything wrong with using the SpnegoReqFlags test case at

http://hg.openjdk.java.net/jdk7/tl/jdk/rev/9d5cce463fa0

?

Regards,

Graeme

Comment 7 Deepak Bhole 2011-09-12 15:28:06 UTC

Hi Graeme,

Unfortunately not. That test requires importing an additional changeset in the first place (that added the kerberos testframework):
http://hg.openjdk.java.net/jdk7/build-gate/jdk/rev/3f051f3ba5bb

But even with that imported, the test still does not run with OpenJDK6. I suspect it relies on things working in a certain manner (OpenJDK7).

I am still looking into it, but if I cannot find a solution, I am going to request a backout of that test.

Comment 8 Deepak Bhole 2011-09-21 21:33:27 UTC

Hi Graeme. Any further info on this?

Comment 9 Graeme Gillies 2011-09-26 02:05:04 UTC

Hi,

Unfortunately I'm not quite sure what more information I can provide here to help. I'm not a java programmer (just a sysadmin), and these issues were noticed when one of our developers was trying to use JBoss Enterprise Portal Platform.

If you want I can talk to the developer and see if they can look at writing up some test cases for you, but that will need some time to do that.

Is there no other way we can move this forward seeing as the fixes are already in jdk7?

Regards,

Graeme

Comment 10 Deepak Bhole 2011-09-26 15:24:02 UTC

Hi Graeme. I can push it in IcedTea, but I think it would be nice to be able to ensure that the patch fixes what we want.

Can you please add the JBoss dev to cc: if you don't mind?

Comment 22 errata-xmlrpc 2013-01-08 07:44:04 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-0099.html

Note You need to log in before you can comment on or make changes to this bug.