changeset 5387:3ba27e5ab1f9

8001208: Fix for KRB5CCNAME not complete Reviewed-by: xuelei
author weijun
date Tue, 23 Oct 2012 10:02:23 +0800
parents 75f67d481b91
children 82e89c2d7095
files src/share/classes/sun/security/krb5/internal/ccache/FileCredentialsCache.java test/sun/security/krb5/ccache/EmptyCC.java
diffstat 2 files changed, 24 insertions(+), 5 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/sun/security/krb5/internal/ccache/FileCredentialsCache.java	Tue Oct 23 03:00:10 2012 +0100
+++ b/src/share/classes/sun/security/krb5/internal/ccache/FileCredentialsCache.java	Tue Oct 23 10:02:23 2012 +0800
@@ -356,7 +356,7 @@
      * Returns path name of the credentials cache file.
      * The path name is searched in the following order:
      *
-     * 1. KRB5CCNAME
+     * 1. KRB5CCNAME (bare file name without FILE:)
      * 2. /tmp/krb5cc_<uid> on unix systems
      * 3. <user.home>/krb5cc_<user.name>
      * 4. <user.home>/krb5cc (if can't get <user.name>)
@@ -367,11 +367,19 @@
         String stdCacheNameComponent = "krb5cc";
         String name;
 
+        // The env var can start with TYPE:, we only support FILE: here.
+        // http://docs.oracle.com/cd/E19082-01/819-2252/6n4i8rtr3/index.html
         name = java.security.AccessController.doPrivileged(
                 new java.security.PrivilegedAction<String>() {
             @Override
             public String run() {
-                return System.getenv("KRB5CCNAME");
+                String cache = System.getenv("KRB5CCNAME");
+                if (cache != null &&
+                        (cache.length() >= 5) &&
+                        cache.regionMatches(true, 0, "FILE:", 0, 5)) {
+                    cache = cache.substring(5);
+                }
+                return cache;
             }
         });
         if (name != null) {
--- a/test/sun/security/krb5/ccache/EmptyCC.java	Tue Oct 23 03:00:10 2012 +0100
+++ b/test/sun/security/krb5/ccache/EmptyCC.java	Tue Oct 23 10:02:23 2012 +0800
@@ -24,9 +24,11 @@
 /*
  * @test
  * @bug 7158329
+ * @bug 8001208
  * @summary NPE in sun.security.krb5.Credentials.acquireDefaultCreds()
  * @compile -XDignore.symbol.file EmptyCC.java
- * @run main EmptyCC
+ * @run main EmptyCC tmpcc
+ * @run main EmptyCC FILE:tmpcc
  */
 import java.io.File;
 import java.io.InputStream;
@@ -40,9 +42,9 @@
 public class EmptyCC {
     public static void main(String[] args) throws Exception {
         final PrincipalName pn = new PrincipalName("dummy@FOO.COM");
-        final String ccache = "tmpcc";
+        final String ccache = args[0];
 
-        if (args.length == 0) {
+        if (args.length == 1) {
             // Main process, write the ccache and launch sub process
             CredentialsCache cache = CredentialsCache.create(pn, ccache);
             cache.save();
@@ -54,6 +56,7 @@
                     "-cp",
                     System.getProperty("test.classes"),
                     "EmptyCC",
+                    ccache,
                     "readcc"
                     );
 
@@ -77,6 +80,14 @@
             if (!cc.equals(ccache)) {
                 throw new Exception("env not set correctly");
             }
+            // 8001208: Fix for KRB5CCNAME not complete
+            // Make sure the ccache is created with bare file name
+            if (CredentialsCache.getInstance() == null) {
+                throw new Exception("Cache not instantiated");
+            }
+            if (!new File("tmpcc").exists()) {
+                throw new Exception("File not found");
+            }
             Credentials.acquireTGTFromCache(pn, null);
         }
     }