view test/sun/security/krb5/krb5-capaths.conf @ 8836:1d98f0be7c8d

Merge from main OpenJDK repository
author Greg Lewis <glewis@eyesbeyond.com>
date Sat, 03 Feb 2018 21:37:28 -0800
parents 86ace035d04d
children
line wrap: on
line source
[capaths]

# http://web.mit.edu/kerberos/krb5-1.5/krb5-1.5.4/doc/krb5-admin/capaths.html

ANL.GOV = {
    TEST.ANL.GOV = .
    PNL.GOV = ES.NET
    NERSC.GOV = ES.NET
    ES.NET = .
}
TEST.ANL.GOV = {
    ANL.GOV = .
}
PNL.GOV = {
    ANL.GOV = ES.NET
}
#NERSC.GOV = {
#    ANL.GOV = ES.NET
#}
ES.NET = {
    ANL.GOV = .
}
NERSC.GOV = {
    ANL.GOV = ES.NET
    TEST.ANL.GOV = ES.NET
    TEST.ANL.GOV = ANL.GOV
    PNL.GOV = ES.NET
    ES.NET = .
}

# The original JDK example

TIVOLI.COM = {
    IBM.COM = IBM_LDAPCENTRAL.COM MOONLITE.ORG
    IBM_LDAPCENTRAL.COM = LDAPCENTRAL.NET
    LDAPCENTRAL.NET = .
}

# https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Managing_Smart_Cards/Setting_Up_Cross_Realm_Authentication.html

A.EXAMPLE.COM = {
    B.EXAMPLE.COM = .
    C.EXAMPLE.COM = B.EXAMPLE.COM
    D.EXAMPLE.COM = B.EXAMPLE.COM
    D.EXAMPLE.COM = C.EXAMPLE.COM
}

# Full path

A1.COM = {
    A2.COM = .
    A3.COM = A2.COM
    A4.COM = A2.COM
    A4.COM = A3.COM
}

# Shortest path

B1.COM = {
    B2.COM = .
    B3.COM = B2.COM
    B4.COM = B3.COM
}

# If no sRealm key, fallback to hierarchy

C1.COM = {
    C3.COM = C2.COM
}

# cRealm is "."

D1.COM = {
    D2.COM=D1.COM
}

# Bad cases

E1.COM = {
    E2.COM = E2.COM
    E3.COM = E4.COM
    E3.COM = .
}

G1.COM = {
    G2.COM = G3.COM
    G3.COM = G2.COM
}

I1.COM = {
    I2.COM = I3.COM
    I3.COM = I2.COM
    I4.COM = I5.COM
}

# 7019384

A9.PRAGUE.XXX.CZ = {
    PRAGUE.XXX.CZ = .
    ROOT.XXX.CZ = PRAGUE.XXX.CZ
    SERVIS.XXX.CZ = ROOT.XXX.CZ
}