Services4User review
Luke Howard
lukeh at padl.com
Fri Aug 21 11:46:19 EDT 2009
On 21/08/2009, at 5:36 PM, Luke Howard wrote:
>>
>> /* S4U2PROXY */
>> OM_uint32
>> gss_acquire_cred_with_creds(
>
> Could you argue that it would be better to do away with this function,
> and allow the "delegated" credential handle to be passed directly into
> gss_init_sec_context()?
That would require that impersonator_cred_handle and
verifier_cred_handle refer to the same credentials, which may not be a
safe assumption.
-- Luke
More information about the krbdev
mailing list