Mercurial Mercurial > jdk-sandbox / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
jdk/test/sun/security/krb5/auto/W83.java
changeset 5802 ea99d72d3c19
parent 5774 4b9857e483c1
child 7172 01308fd663b3 
--- a/jdk/test/sun/security/krb5/auto/W83.java	Wed Jun 16 14:07:47 2010 -0700
+++ b/jdk/test/sun/security/krb5/auto/W83.java	Thu Jun 17 13:46:15 2010 +0800
@@ -23,8 +23,9 @@
 
 /*
  * @test
- * @bug 6951366
+ * @bug 6932525 6951366 6959292
  * @summary kerberos login failure on win2008 with AD set to win2000 compat mode
+ * and cannot login if session key and preauth does not use the same etype
  */
 import com.sun.security.auth.module.Krb5LoginModule;
 import java.io.File;
@@ -52,8 +53,6 @@
         new File(OneKDC.KRB5_CONF).deleteOnExit();
         new File(OneKDC.KTAB).deleteOnExit();
 
-        kdc.setOption(KDC.Option.ONLY_RC4_TGT, true);
-
         KeyTab ktab = KeyTab.getInstance(OneKDC.KTAB);
         for (int etype: EType.getBuiltInDefaults()) {
             if (etype != EncryptedData.ETYPE_ARCFOUR_HMAC) {
@@ -61,6 +60,15 @@
             }
         }
         ktab.save();
+
+        // For 6932525 and 6951366, make sure the etypes sent in 2nd AS-REQ
+        // is not restricted to that of preauth
+        kdc.setOption(KDC.Option.ONLY_RC4_TGT, true);
+        x.go();
+
+        // For 6959292, make sure that when etype for enc-part in 2nd AS-REQ
+        // is different from that of preauth, client can still decrypt it
+        kdc.setOption(KDC.Option.ONLY_RC4_PREAUTH, true);
         x.go();
     }
jdk-sandbox