I am currently working on the Kerberos Authentication using Mongo Java driver.
To successfully authenticate via Kerberos using Mongo Java driver, the connector typically must specify several system properties like:
java.security.krb5.conf
java.security.krb5.realm
java.security.krb5.kdc
javax.security.auth.useSubjectCredsOnly
java.security.auth.login.config (gss-jaas.conf)
so that the underlying GSSAPI Java libraries can acquire a Kerberos ticket as Mongo Java driver also handles the authentication through JAAS and the Java GSS-API.
But in my Client’s run-time environment, it is a problem because the SecurityManager will prevent the execution of privileged actions and the access to classes stored within many of the sun.security package making it unsuitable for multi-tenant environment.
So I am asked to modify the Mongo Java driver code in order to keep away from using JAAS and the Java GSS-API. But my concern is , if I will go ahead and modify the code of Java driver, I might run into some more issues. Kindly advice if tweaking the java driver code is advisable here ?