[19867] in Kerberos_V5_Development
Re: Lines with "=" in krb5.conf
daemon@ATHENA.MIT.EDU (Alexandr Nedvedicky)
Tue Jan 15 09:59:59 2019
Date: Tue, 15 Jan 2019 15:53:24 +0100
From: Alexandr Nedvedicky <alexandr.nedvedicky@oracle.com>
To: Weijun Wang <weijun.wang@oracle.com>
Message-ID: <20190115145324.GZ24472@tbd.cz.oracle.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <B0FDE848-4C3C-4DD7-ABBB-9E242D10298A@oracle.com>
Cc: "krbdev@mit.edu" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
Hello Max,
let's take it off-line. I assume your kerberos is running on Solaris, right?
if it is the case, then we should take it off-list.
Send me a direct email to company address.
thanks and
regard
ssasha
On Tue, Jan 15, 2019 at 10:12:47PM +0800, Weijun Wang wrote:
> Hi All,
>
> We (Java SE at Oracle) received a bug report that Java cannot deal with krb5.conf containing the following lines:
>
> [realms]
> ATHENA.MIT.EDU = {
> auth_to_local = {
> RULE:[2:$1](johndoe)s/^.*$/guest/
> RULE:[2:$1;$2](^.*;admin$)s/;admin$//
> RULE:[2:$2](^.*;root)s/^.*$/root/
> DEFAULT
> }
> }
>
> Is this legal? I tried it with the latest MIT krb5 and saw a "krb5kdc: Improper format of Kerberos configuration file while initializing krb5" error.
>
> Or does any other krb5 vendor support this format?
>
> Thanks,
> Max
>
>
> _______________________________________________
> krbdev mailing list krbdev@mit.edu
> https://mailman.mit.edu/mailman/listinfo/krbdev
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
