[krbdev.mit.edu #7871] KDC should not fail requests due to forwardable/proxiable option

Greg Hudson via RT rt-comment at krbdev.mit.edu
Fri Feb 28 10:35:38 EST 2014

Previous message: [krbdev.mit.edu #7865] kdb5_util doc update: -update with -ov dump not needed since -r13
Next message: [krbdev.mit.edu #7868] FAST not used for password change request
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

If the client requests forwardable or proxiable tickets and the client or 
server DB entry has disallow-forwardable or disallow-proxiable set, we 
fail the request.  It would be more helpful to just issue a ticket 
without the forwardable/proxiable ticket flag set, as Heimdal and Active 
Directory do.

Previous message: [krbdev.mit.edu #7865] kdb5_util doc update: -update with -ov dump not needed since -r13
Next message: [krbdev.mit.edu #7868] FAST not used for password change request
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the krb5-bugs mailing list