gss_init_sec_context() failed: : Ccache function not supported:
Jeffrey Altman
jaltman2 at nyc.rr.com
Wed Apr 13 00:11:54 EDT 2005
Kevin Coffman wrote:
>>Sure, but it doesn't sound like gss_init_sec_context should do any of
>>these.
>
>
> Doesn't it, as a by-product, get a service ticket and store it?
The way it works is that when the MSLSA ccache is asked to store
a ticket in the cache, the library in turn issues a Ticket Getting
Request to the LSA which in turn results in the ticket appearing
in the LSA cache.
The only ccache api functions which return a KRB5_CC_READONLY error are:
generate_new
store (only if the LSA is unable to obtain a matching ticket)
remove_cred
Now there is one possibility. Perhaps the Windows Kerberos subsystem
has no knowledge of the realm from which you are obtaining tickets.
If the realm information is only located in the krb5.ini file and
has not been configured via ksetup.exe, you may see KRB5_CC_READONLY
errors.
Jeffrey Altman
-----------------
This e-mail account is not read on a regular basis.
Please send private responses to jaltman at mit dot edu
More information about the Kerberos
mailing list