Matching Principals
Dangi, Salil
Salil.Dangi at unisys.com
Tue Jun 20 19:59:08 EDT 2006
I am running into following issue with AP-Request generated by Java 1.5:
AP-Request has a Ticket and an Authenticator.
Both of these structures have client (cname) information.
As part of AP-Request verification, the client information in these two
structures should be matched.
I see that the cname in the ticket and cname in the authenticator are
not same. One of them shows a name-type of 0 (KRB_NT_UNKNOWN) and the
other one shows a name-type of 1 (KRB_NT_PRINCIPAL). The name-string
fields are identical in cname fields of the ticket and the
authenticator.
How do you match two names that have different name-type attributes
(UNKNOWN and NT_PRINCIPAL)?
Should this be considered as a bug with JAVA 1.5 implementation?
More information about the krbdev
mailing list