KFW 3.1 credentials and the default cache

Eli Breder eli.breder at hummingbird.com
Wed Mar 7 15:34:43 EST 2007


I hope someone can help me with the following problem we are having. Net ID
Manager caches credentials by identity as opposed to the older mechanism
which stored credentials in one cache ("API:krbcc5"). As a 3rd party app, we
seem to only be able to retrieve credentials from the default cache through
the current API (KFW 3.1). We make the following API calls we make when we
attempt to get credentials for a given principal:

krb5_cc_default( m_KrbApp.krb5_ctx,  &m_KrbApp.k5_ccache );
krb5_sname_to_principal( m_KrbApp.krb5_ctx, m_KrbApp.szServerName,
KRB5_TGS_NAME, KRB5_NT_SRV_HST, &Cred->server ) );
krb5_cc_get_principal( m_KrbApp.krb5_ctx, m_KrbApp.k5_ccache, &Cred->client
krb5_cc_start_seq_get( m_KrbApp.krb5_ctx, m_KrbApp.k5_ccache, &curs ); 
krb5_cc_next_cred( m_KrbApp.krb5_ctx, m_KrbApp.k5_ccache, &curs, Cred );
krb5_cc_end_seq_get( m_KrbApp.krb5_ctx, m_KrbApp.k5_ccache, &curs );
Are there any APIs that will allow us to search or enumerate through all
available caches?
We have a similar problem when using GSSAPI.
Thank you.
Eli Breder
Software Developer

Hummingbird Connectivity - A Division of Open Text 

1010 Sherbrooke West - Suite 811

H3A 2R7, Montreal, QC 

Phone:      +1 514 281 5551 ext. 231

e-mail:      eli.breder at hummingbird.com

Web site:  http://connectivity.hummingbird.com
This e-mail is protected by domestic and international copyright laws and
treaties and is the property of Open Text Corporation, it may contain
confidential and/or trade secret information of the Open Text Corporation
and/or its subsidiaries (OTC), and may be subject to legal privilege in
favor of OTC. This e-mail may only be lawfully received, accessed, displayed
on a computer screen, printed, copied, and/or used by the specific
addressee(s) named above ("Authorized Recipient") for the purpose for which
it was sent by OTC. All other rights and licenses to this e-mail are fully
reserved to OTC. If you are not an Authorized Recipient, you are required to
immediately delete this e-mail in its entirety without printing, copying,
using, and/or re-transmitting this e-mail, either in whole or in part. The
transmission of this e-mail by OTC is not to be construed as a waiver by OTC
and/or the individual sending this e-mail on behalf of OTC of any of their
respective rights or privileges at law or otherwise, howsoever arising.


More information about the krbdev mailing list