context, threads, and both

John Rudd jrudd at
Tue May 31 21:00:30 EDT 2005

While I have been a kerberos realm admin for a while, I'm new to doing 
kerberos development (and by that I mean "developing something that 
uses kerberos libraries" as opposed to "developing parts of kerberos"; 
I hope that's what this list is intended for).  So, I have a couple 

1) I'm writing a persistent program which will be checking taking 
requests to validate whether or not a principle name and passphrase are 
valid.  One instance of the program could end up running for months or 
longer.  Right now, I have it doing 1 context initialization, but since 
so  many other things in kerberos have life-times, I want to be sure 
that I wont need to refresh this with a new initialization 
periodically.  Do I just need the one initialization at start-up, or do 
I need to re-do that periodically?

2) I seem to recall that kerberos libraries are not thread safe.  Is 
that accurate?  If I decide to multi-thread this program, do I need to 
wrap the kerberos calls with mutex's?

3) What about the context and each thread?  Does each thread need its 
own context?  (does the "is or is not thread-safe" aspect depend upon 
whether or not each thread has its own context?)

More information about the krbdev mailing list