Preauth plugin adding PA-FX-COOKIE
Alejandro Perez Mendez
alex at um.es
Tue May 17 03:14:49 EDT 2011
I cannot tell you how it is suppoused to be done, but I can tell you how
I did it :). To create the PA-FX-COOKIE PADATA just include it in the
e-data element of the KRB_ERROR message, as you will do to generate any
other "custom" PADATA.
El 16/05/11 11:43, Linus Nordberg escribió:
> How can a preauth plugin affect the pa-data cookie being returned in a
> KRB-ERROR? It looks like a cookie is unconditionally created and added
> by get_preauth_hint_list() after the edata_proc function (get_edata) for
> the plugin has been invoked.
> Adding a get_cookie method to krb5plugin_preauth_server_ftable_v1 or
> adding a krb5_pa_data *pa_cookie argument to edata_proc would be two
> possible solutions.
> krbdev mailing list krbdev at mit.edu
More information about the krbdev