Thread Safety for gssapi (windows for kerberos. gss_import_name, gss_acquire_cred) functions.
Rahul G
rahulrasm at gmail.com
Thu Jul 6 11:07:01 EDT 2017
Hello,
I am doing some performance testing in my .NET application which uses MIT
kerberos for windows (https://github.com/krb5/krb5)
I see that when my load goes beyond some number i get Access Violation
exceptions from most of the gss api functions.
the ones I saw were
gss_import_name
gss_acquire_cred
gss_acquire_cred_impersonate_name
gss_release_cred
gss_init_sec_context
and these are the functions that I pretty much use in my application.
Having semaphores for these functions did help to some extent but not
entirely.
I have a simple use case.
My client application needs to be authenticated by a target service running
on a windows server.
so I am using the kerberos library in my client application to make AS_REQ,
TGS_REQ to a windows KDC, I put the security token in auth header for the
server to authenticate.
I was wondering if there is a limit on how much load these functions can
handle? or if there is an alternative for my specific use case.
any input will be of great help.
Thank You,
Rahul.
More information about the kfwdev
mailing list