mICroSofT knows

There's guy got confused at Java's Kerberos support, the reason, AFAIK, is because he's using lower case letters in the MSAD realm name.

Certainly Java won't accept that, when the returned realm name in a KDC-REP message is (case-sensitive) different from the one sent in KDC-REQ, there's an error, and a KrbException is thrown.

I've tried to tweak the JDK codes to ignore realm name checking and do some case-changing experiments. Every one passes smoothly, realm names, host names, service names, whatever. Everything works. Microsoft just doesn't care about cases. We know it has a long history of acting like this. BASIC language doesn't care about it, neither do DOS filenames. Last time we added pre-authentication into JDK's Kerberos so that you can enter your user name as either Bill or bill or bIll. And now, do we need to meet this ignorance again?

I'm not a lawyer, I have no idea if the embrace, extend, and extinguish means is legal or illegal in what extents. When someone extends an existing standard (in the MS way), which way shall the standard goes? Just ignore it? or re-embrace it? There's surely the risk of making the standard into a total mess some time.

Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

This blog has a comments managing system that requires me to approve each comment manually. Please do not re-post and I will reply it (if I have an answer) when I get pinged.

Search

Top Tags
Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today