jdk/test/sun/security/krb5/krb5-capaths.conf - edge/openjdk - Git at Google

 [capaths]

 # http://web.mit.edu/kerberos/krb5-1.5/krb5-1.5.4/doc/krb5-admin/capaths.html

 ANL.GOV = {
     TEST.ANL.GOV = .
     PNL.GOV = ES.NET
     NERSC.GOV = ES.NET
     ES.NET = .
 }
 TEST.ANL.GOV = {
     ANL.GOV = .
 }
 PNL.GOV = {
     ANL.GOV = ES.NET
 }
 #NERSC.GOV = {
 #    ANL.GOV = ES.NET
 #}
 ES.NET = {
     ANL.GOV = .
 }
 NERSC.GOV = {
     ANL.GOV = ES.NET
     TEST.ANL.GOV = ES.NET
     TEST.ANL.GOV = ANL.GOV
     PNL.GOV = ES.NET
     ES.NET = .
 }

 # The original JDK example

 TIVOLI.COM = {
     IBM.COM = IBM_LDAPCENTRAL.COM MOONLITE.ORG
     IBM_LDAPCENTRAL.COM = LDAPCENTRAL.NET
     LDAPCENTRAL.NET = .
 }

 # https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Managing_Smart_Cards/Setting_Up_Cross_Realm_Authentication.html

 A.EXAMPLE.COM = {
     B.EXAMPLE.COM = .
     C.EXAMPLE.COM = B.EXAMPLE.COM
     D.EXAMPLE.COM = B.EXAMPLE.COM
     D.EXAMPLE.COM = C.EXAMPLE.COM
 }

 # Full path

 A1.COM = {
     A2.COM = .
     A3.COM = A2.COM
     A4.COM = A2.COM
     A4.COM = A3.COM
 }

 # Shortest path

 B1.COM = {
     B2.COM = .
     B3.COM = B2.COM
     B4.COM = B3.COM
 }

 # If no sRealm key, fallback to hierarchy

 C1.COM = {
     C3.COM = C2.COM
 }

 # cRealm is "."

 D1.COM = {
     D2.COM=D1.COM
 }

 # Bad cases

 E1.COM = {
     E2.COM = E2.COM
     E3.COM = E4.COM
     E3.COM = .
 }

 G1.COM = {
     G2.COM = G3.COM
     G3.COM = G2.COM
 }

 I1.COM = {
     I2.COM = I3.COM
     I3.COM = I2.COM
     I4.COM = I5.COM
 }

 # 7019384

 A9.PRAGUE.XXX.CZ = {
     PRAGUE.XXX.CZ = .
     ROOT.XXX.CZ = PRAGUE.XXX.CZ
     SERVIS.XXX.CZ = ROOT.XXX.CZ
 }
	[capaths]

	# http://web.mit.edu/kerberos/krb5-1.5/krb5-1.5.4/doc/krb5-admin/capaths.html

	ANL.GOV = {
	TEST.ANL.GOV = .
	PNL.GOV = ES.NET
	NERSC.GOV = ES.NET
	ES.NET = .
	}
	TEST.ANL.GOV = {
	ANL.GOV = .
	}
	PNL.GOV = {
	ANL.GOV = ES.NET
	}
	#NERSC.GOV = {
	# ANL.GOV = ES.NET
	#}
	ES.NET = {
	ANL.GOV = .
	}
	NERSC.GOV = {
	ANL.GOV = ES.NET
	TEST.ANL.GOV = ES.NET
	TEST.ANL.GOV = ANL.GOV
	PNL.GOV = ES.NET
	ES.NET = .
	}

	# The original JDK example

	TIVOLI.COM = {
	IBM.COM = IBM_LDAPCENTRAL.COM MOONLITE.ORG
	IBM_LDAPCENTRAL.COM = LDAPCENTRAL.NET
	LDAPCENTRAL.NET = .
	}

	# https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Managing_Smart_Cards/Setting_Up_Cross_Realm_Authentication.html

	A.EXAMPLE.COM = {
	B.EXAMPLE.COM = .
	C.EXAMPLE.COM = B.EXAMPLE.COM
	D.EXAMPLE.COM = B.EXAMPLE.COM
	D.EXAMPLE.COM = C.EXAMPLE.COM
	}

	# Full path

	A1.COM = {
	A2.COM = .
	A3.COM = A2.COM
	A4.COM = A2.COM
	A4.COM = A3.COM
	}

	# Shortest path

	B1.COM = {
	B2.COM = .
	B3.COM = B2.COM
	B4.COM = B3.COM
	}

	# If no sRealm key, fallback to hierarchy

	C1.COM = {
	C3.COM = C2.COM
	}

	# cRealm is "."

	D1.COM = {
	D2.COM=D1.COM
	}

	# Bad cases

	E1.COM = {
	E2.COM = E2.COM
	E3.COM = E4.COM
	E3.COM = .
	}

	G1.COM = {
	G2.COM = G3.COM
	G3.COM = G2.COM
	}

	I1.COM = {
	I2.COM = I3.COM
	I3.COM = I2.COM
	I4.COM = I5.COM
	}

	# 7019384

	A9.PRAGUE.XXX.CZ = {
	PRAGUE.XXX.CZ = .
	ROOT.XXX.CZ = PRAGUE.XXX.CZ
	SERVIS.XXX.CZ = ROOT.XXX.CZ
	}