On Jun 5, 2006, at 09:11, Terry Zhuo wrote: > I am using Kerberos Login Module from JAAS for authentication. And I > cannot authenticate users with wide character names. The error I got > was: Client not found in Kerberos database (6). However, it works fine > from Windows login. Some people told me that Kerberos V5 protocol > is not > properly internationalized. Is this true? If this is, is there any > plan > to fix this problem? Is there any work around for the time being?
To expand a little on Nico's answer :-), the current spec (RFC 4120) is only really safe for ASCII names, and says so. Different implementations have historically done different things with non- ASCII names, so they are not likely to interoperate. (The same applies to passwords, by the way.) There is an effort under way to revise the spec to fix this and other problems, and hopefully updated implementations will follow. Ken ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
