|
|
@@ -343,8 +343,6 @@ public class KerberosAuthenticationHandler implements AuthenticationHandler {
|
|
|
authorization = authorization.substring(KerberosAuthenticator.NEGOTIATE.length()).trim();
|
|
|
final Base64 base64 = new Base64(0);
|
|
|
final byte[] clientToken = base64.decode(authorization);
|
|
|
- final String serverName = InetAddress.getByName(request.getServerName())
|
|
|
- .getCanonicalHostName();
|
|
|
try {
|
|
|
token = Subject.doAs(serverSubject, new PrivilegedExceptionAction<AuthenticationToken>() {
|
|
|
|
|
|
@@ -354,10 +352,7 @@ public class KerberosAuthenticationHandler implements AuthenticationHandler {
|
|
|
GSSContext gssContext = null;
|
|
|
GSSCredential gssCreds = null;
|
|
|
try {
|
|
|
- gssCreds = gssManager.createCredential(
|
|
|
- gssManager.createName(
|
|
|
- KerberosUtil.getServicePrincipal("HTTP", serverName),
|
|
|
- KerberosUtil.getOidInstance("NT_GSS_KRB5_PRINCIPAL")),
|
|
|
+ gssCreds = gssManager.createCredential(null,
|
|
|
GSSCredential.INDEFINITE_LIFETIME,
|
|
|
new Oid[]{
|
|
|
KerberosUtil.getOidInstance("GSS_SPNEGO_MECH_OID"),
|
Xiaoyu Yao