From 0263c2809b3bc0abd2da38d261a46003de967d29 Mon Sep 17 00:00:00 2001 From: Weijun Wang Date: Wed, 20 May 2009 10:12:37 +0800 Subject: [PATCH] 6832353: Krb5LoginModule: use the KRB5CCNAME when searching for Kerberos ticket cache Reviewed-by: xuelei --- .../internal/ccache/FileCredentialsCache.java | 26 +++++++++++++++---- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/jdk/src/share/classes/sun/security/krb5/internal/ccache/FileCredentialsCache.java b/jdk/src/share/classes/sun/security/krb5/internal/ccache/FileCredentialsCache.java index 5582fd8afe9..671c271029c 100644 --- a/jdk/src/share/classes/sun/security/krb5/internal/ccache/FileCredentialsCache.java +++ b/jdk/src/share/classes/sun/security/krb5/internal/ccache/FileCredentialsCache.java @@ -1,5 +1,5 @@ /* - * Portions Copyright 2000-2006 Sun Microsystems, Inc. All Rights Reserved. + * Portions Copyright 2000-2009 Sun Microsystems, Inc. All Rights Reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -353,16 +353,32 @@ public class FileCredentialsCache extends CredentialsCache * Returns path name of the credentials cache file. * The path name is searched in the following order: * - * 1. /tmp/krb5cc_ on unix systems - * 2. /krb5cc_ - * 3. /krb5cc (if can't get ) + * 1. KRB5CCNAME + * 2. /tmp/krb5cc_ on unix systems + * 3. /krb5cc_ + * 4. /krb5cc (if can't get ) */ public static String getDefaultCacheName() { + String stdCacheNameComponent = "krb5cc"; String name; - // get cache name from system.property + name = java.security.AccessController.doPrivileged( + new java.security.PrivilegedAction() { + @Override + public String run() { + return System.getenv("KRB5CCNAME"); + } + }); + if (name != null) { + if (DEBUG) { + System.out.println(">>>KinitOptions cache name is " + name); + } + return name; + } + + // get cache name from system.property String osname = java.security.AccessController.doPrivileged( new sun.security.action.GetPropertyAction("os.name"));