gss_init_sec_context with delegated_cred_handle error

Xie, Hugh hugh.xie at bankofamerica.com
Tue Apr 7 13:24:42 EDT 2015


Thanks. Will upgrade to 1.11

-----Original Message-----
From: Greg Hudson [mailto:ghudson at mit.edu] 
Sent: Tuesday, April 07, 2015 11:56 AM
To: Xie, Hugh
Subject: Re: gss_init_sec_context with delegated_cred_handle error

On 04/07/2015 08:32 AM, Xie, Hugh wrote:
> Will gss_acquire_cred automatically refresh the cache if credential in KRB5CCNAME file expired? If not, is that a way to force refresh without removing the file?
> 
> I am using KRB5 v1.10.

If the creds were obtained automatically using the keytab, they will be refreshed from the keytab once they are halfway to expiring.

However, keytab initiation was first implemented in 1.11, so it won't work if you're using 1.10.

----------------------------------------------------------------------
This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at http://www.bankofamerica.com/emaildisclaimer.   If you are not the intended recipient, please delete this message.


More information about the Kerberos mailing list