gss_acquire_cred with GSS_C_BOTH usage option
Ken Raeburn
raeburn at MIT.EDU
Thu Sep 29 07:30:01 EDT 2005
On Sep 28, 2005, at 17:57, Sam Hartman wrote:
> I see your point and I agree the Heimdal behavior is useful in the
> case you describe.
Me too.
> However it seems to violate the principle of least surprise. If I
> change my application to start requesting initiator credentials
> instead of both credentials then initiator credentials can stop
> working if I don't have a current cache.
Either I'm misunderstanding what you mean, or I'm confused. It seems
to me it's only the effect on the initiator side of things (in a
single exchange) that we're discussing. Why would "initiator" versus
"both" make a difference?
Ken
More information about the krbdev
mailing list