sasl-javax: Do not set system properties in SASLGSSAPIMechanism

Smack did this for a long time, since eb56f8a55 ("GSSAPI work by Jay
Kline (SMACK-218)."). Not always in a static block though. But
irregardless this is bad practice as it causes side-effects and may
overrides settings.

For example, one users reports:

java.lang.SecurityException: java.io.IOException: gss.conf (No such file or directory)
    at sun.security.provider.ConfigFile$Spi.<init>(ConfigFile.java:137)
    at sun.security.provider.ConfigFile.<init>(ConfigFile.java:102)
    at sun.reflect.GeneratedConstructorAccessor119.newInstance(Unknown Source)
This commit is contained in:
Florian Schmaus 2019-09-25 23:36:21 +02:00
bovenliggende eeb6c52f7e
commit 35cf094386
1 gewijzigde bestanden met toevoegingen van 0 en 5 verwijderingen

Bestand weergeven

@ -29,11 +29,6 @@ public class SASLGSSAPIMechanism extends SASLJavaXMechanism {
public static final String NAME = GSSAPI;
static {
System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
System.setProperty("java.security.auth.login.config", "gss.conf");
}
@Override
public boolean authzidSupported() {
return true;