Kerberos kinit handling w.r.t atomicity
Carson Gaspar
carson at taltos.org
Thu Jun 27 13:01:40 EDT 2013
On 6/27/13 7:10 AM, Srivatsan vn wrote:
> Hi Team,
>
> Can you please provide some insight on how to make kinit as an
> atomic operation to deal with concurrency issues. In my application env, I
> will have the periodic kinit job that runs every 8 hours to refresh the
> TGT tickets, and I will also have applications that would make kerberised
> oracle db connections round the clock.
>
> I tested running the kinit job and my applications running in parallel and
> find that the connections fail due to cache credential error. This makes me
> think that kinit is not atomic, can you please suggest possible solutions
> to this concurrency issue?
kinit into a different credential cache.
rename the new cache over the old one.
--
Carson
More information about the Kerberos
mailing list