Services4User review

Luke Howard lukeh at
Sat Aug 22 07:20:41 EDT 2009

And the really cool thing is that the application developer does not  
have to use any new APIs to use constrained delegation (and only one  
to use protocol transition). The API is exactly the same as it is for  
"unconstrained" delegation.

(Of course, whether constrained delegation will be successful is  
subject to the policy of the KDC.)

-- Luke

More information about the krbdev mailing list