GSSAPI interoperability problem between Java 1.5 & MIT Kerberos
kenh at cmf.nrl.navy.mil
Tue Jan 10 17:39:42 EST 2006
>>You know, we did try it with other encryption types (at least for the LDAP
>>service key in question), but that didn't change anything.
>Did you try with following Kerberos configuration :
>default_tkt_enctypes = des-cbc-md5
>default_tgs_enctypes = des-cbc-md5
Err .. it's really difficult to get an MIT KDC to generate a des-cbc-md5
session key. At least, it was when I tried to do it, and it caused so many
problems last time I tried I didn't even think about it. I'll ask the
developer in question to try it.
>>Great! Do you know when it will be fixed? Also, what version of Java will
>>include this fix?
>Plan to fix this in Java SE 6 and Java 5.0 Update release.
More information about the krbdev