https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #43 from Michael Osipov <1983-01...@gmx.net> 2011-04-01 08:47:46 EDT --- (In reply to comment #41) > (In reply to comment #40) > > - DEFAULT_SPN_CLASS is never used, forgot to delete? > Fixed > > > - DEFAULT_KRB5_CONF value: .ini is Windows style, on Unix is krb5.conf > > only. I > > would stick to that convention. I.e., split in two props. > Happy with the current default. Can be set via system property. I personally disagree because Tomcat most popular platform is some Unix flavor. > > - DEFAULT_LOGIN_MODULE_NAME value: this is Oracle-specific, I would rather > > use > > a vendor-agnostic name like 'tomcat-accept'. (Same rule as in tomcat.keytab) > Happy with the current default. Users can change if desired. I disagree again because abstraction is not missing and not everyone uses an Oracle JVM. > > - There is no option to sign in with Kerberos into a directory server. Only > > delegated credential works. This might be problematic if some user account > > is > > not trusted for cred deleg. I don't like to fall back to plain password. > > Did I > > miss that spot in the code? > Nope. Please open an enhancement request. Will do! > > - Property 'javax.security.sasl.server.authentication' should be > > configurable. > > It applies at least to GSSAPI. > > - Property 'javax.security.sasl.qop' should be configurable. It applies at > > least to GSSAPI *and* DIGEST-MD5. > Another enhancement request please. Will do! -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
