Exporting/Importing credentials

Sam Hartman hartmans at MIT.EDU
Mon Apr 14 15:07:04 EDT 2003


>>>>> "Il-Sung" == Il-Sung Lee <ilslee at ca.ibm.com> writes:

    Il-Sung> Does anyone know how to export/import credentials using
    Il-Sung> GSS-API?  I was hoping that there were APIs similar to
    Il-Sung> gss_export_sec_context/gss_import_sec_context for use
    Il-Sung> with credentials so that I could pass the delegated
    Il-Sung> credentials from one process to another.  As far as I can
    Il-Sung> tell, the delegated credential is only available in the
    Il-Sung> memory cache of the process accepting the context.

    Il-Sung> Any suggestions would be appreciated.

First, you can always export the context, import it and access the
credentials through inquiring the context.  OR at least I think that
works.

If you want a mechanism that works for krb5 only you can use
GSS_DLLIMP OM_uint32 KRB5_CALLCONV gss_krb5_copy_ccache
	PROTOTYPE((OM_uint32 *minor_status,
		   gss_cred_id_t cred_handle,
		   krb5_ccache out_ccache));



More information about the Kerberos mailing list