gss_accept_sec_context failing after getting service ticket using service name and password
hartmans at MIT.EDU
Sun May 28 22:36:39 EDT 2006
>>>>> "Michael" == Michael B Allen <mba2000 at ioplex.com> writes:
Michael> On Fri, 26 May 2006 01:25:39 -0500
Michael> Nicolas Williams <Nicolas.Williams at sun.com> wrote:
>> > Is there a way > to convert from krb5_creds to gss_cred_id_t?
>> No, there isn't.
>> For Solaris Nevada we're looking at adding a mechanism-specific
>> gss_acquire_cred_from_ccache() GSS-API extension.
Michael> At some point don't you just want to punt and use opaque
Michael> types? Using an import/export or inquire_by_oid kind of
Michael> interface implies the result can be represented in a
Michael> serialized form which is somewhat annoying.
We've discussed this with regard to a similar issue in the kitten
working group and concluded that at least for things we want to
standardize, we always want to guarantee there is a serialized form.
More information about the krbdev