Preauth plugin adding PA-FX-COOKIE
Sam Hartman
hartmans at MIT.EDU
Fri May 20 10:55:16 EDT 2011
>>>>> "Linus" == Linus Nordberg <linus at nordu.net> writes:
Linus> Hi, How can a preauth plugin affect the pa-data cookie being
Linus> returned in a KRB-ERROR? It looks like a cookie is
Linus> unconditionally created and added by get_preauth_hint_list()
Linus> after the edata_proc function (get_edata) for the plugin has
Linus> been invoked.
It can't.
We need to add some facility for managing cookies in the KDC.
If you'd be interested in chatting about a design I'd be delighted to
discuss.
--Sam
More information about the krbdev
mailing list