Credential cache searching, ccapi and file caches
Sam Hartman
hartmans at MIT.EDU
Wed Jul 14 17:29:14 EDT 2004
>>>>> "Nicolas" == Nicolas Williams <Nicolas.Williams at sun.com> writes:
Nicolas> Initiator non-GSS_C_NO_CREDENTIAL credentials acquired
Nicolas> for GSS_C_NO_NAME should continue to reference whatever
Nicolas> principal name was determined at credential acquisition
Nicolas> time.
No, they should not. I think it is more important to preserve the
behavior that GSS_C_NO_CREDENTIAL passed into gss_init_sec_context
works the same as GSS_C_NO_NAME passed into gss_acquire_credentials
than it is to preserve the behavior that credentials always refer to
the same named principal.
In the default case we're shooting for we won't know what named
credential to use until we know what the target name is.
More information about the krbdev
mailing list