[ZOOKEEPER-1196] improve Kerberos name parsing and canonicalization testing - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: server, tests
Labels:
None

Tags:
security

Description

Currently we are not testing Kerberos name parsing. Kerberos name parsing is error prone because Keberos principals are complex; see http://web.mit.edu/kerberos/krb5-1.5/krb5-1.5.4/doc/krb5-user/What-is-a-Kerberos-Principal_003f.html.

Bugs such as https://issues.apache.org/jira/browse/ZOOKEEPER-1195 would have been caught, had we better tests. Although we cannot test (yet) a full end-to-end KDC realm, we can at least test Kerberos principal syntax and semantics.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

SaslAuthNameTest.patch
24/Sep/11 14:32
8 kB
Tom Klonikowski

Issue Links

is related to

ZOOKEEPER-1195 SASL authorizedID being incorrectly set: should use getHostName() rather than getServiceName()

Closed

Activity

People

Assignee:: Eugene Joseph Koontz

Reporter:: Eugene Joseph Koontz

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 20/Sep/11 17:28

Updated:: 24/Sep/11 14:32