river-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mark Brouwer (JIRA)" <j...@apache.org>
Subject [jira] Updated: (RIVER-178) Kerberos provider should support a system property to limit session key lifetime
Date Tue, 20 Nov 2007 18:21:43 GMT

     [ https://issues.apache.org/jira/browse/RIVER-178?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Mark Brouwer updated RIVER-178:
-------------------------------

      Description: 
Bugtraq ID [5023464|http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=5023464]

Currently jgss does not expire the session context once its session ticket expires.  GSSContext.getLifeTime()
always returns GSSContext.INDEFINITE_LIFETIME.  If a system property should be added to allow
user to set a time limit for session keys, while the Kerberos provider still checks GSSContext.getLifeTime(),
so things will work properly once jgss fixes the problem.Currently jgss does not expire the
session context once its session ticket expires.  GSSContext.getLifeTime() always returns
GSSContext.INDEFINITE_LIFETIME.  If a system property should be added to allow user to set
a time limit for session keys, while the Kerberos provider still checks GSSContext.getLifeTime(),
so things will work properly once jgss fixes the problem.

  was:
Bugtraq ID [5023464|http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=5023464]

Currently jgss does not expire the session context once its session
ticket expires.  GSSContext.getLifeTime() always returns
GSSContext.INDEFINITE_LIFETIME.  If a system property should be added
to allow user to set a time limit for session keys, while the Kerberos
provider still checks GSSContext.getLifeTime(), so things will work
properly once jgss fixes the problem.Currently jgss does not expire the session context once
its session
ticket expires.  GSSContext.getLifeTime() always returns
GSSContext.INDEFINITE_LIFETIME.  If a system property should be added
to allow user to set a time limit for session keys, while the Kerberos
provider still checks GSSContext.getLifeTime(), so things will work
properly once jgss fixes the problem.

    Fix Version/s:     (was: jtsk_1.0)

> Kerberos provider should support a system property to limit session key lifetime
> --------------------------------------------------------------------------------
>
>                 Key: RIVER-178
>                 URL: https://issues.apache.org/jira/browse/RIVER-178
>             Project: River
>          Issue Type: Bug
>          Components: net_jini_jeri
>            Reporter: Phil Steitz
>            Priority: Minor
>
> Bugtraq ID [5023464|http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=5023464]
> Currently jgss does not expire the session context once its session ticket expires. 
GSSContext.getLifeTime() always returns GSSContext.INDEFINITE_LIFETIME.  If a system property
should be added to allow user to set a time limit for session keys, while the Kerberos provider
still checks GSSContext.getLifeTime(), so things will work properly once jgss fixes the problem.Currently
jgss does not expire the session context once its session ticket expires.  GSSContext.getLifeTime()
always returns GSSContext.INDEFINITE_LIFETIME.  If a system property should be added to allow
user to set a time limit for session keys, while the Kerberos provider still checks GSSContext.getLifeTime(),
so things will work properly once jgss fixes the problem.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message