replay cache proposal
Pitrich, Karl
karl.pitrich at fabasoft.com
Tue Apr 19 05:31:56 EDT 2005
Hi,
I encounter problems with the replay cache on the client side
while using a SPNEGO auth module for apache.
The replay cache, per default, gets persisted in files.
Under heavy load, the replay cache runs out of FD's ('to many open
files').
Further, when using multiple kerberized Webservices on one machine
for concurrent access by one webclient(user), the replay cache becomes
effective, because it is system global, which is IMHO not correct
default behaviour.
IMHO it would be better to make the replay cache configurable at runtime
via environment variable (KRB_RC_INMEMORY).
If you concur to this proposal, I'll submit a patch shortly.
greetings,
/ Karl
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20050419/526e4d9b/attachment.bin
More information about the Kerberos
mailing list