Multiple copies of service ticket created
Arpit Srivastava
arpit.orb at gmail.com
Wed Mar 6 02:42:49 EST 2013
Hi,
1. I am trying to request a service ticket of lifetime different than that
of TGT by setting the *time_req *parameter* *in
gsswrapper.gss_init_sec_context() function to emulate a test case
lifetime(service ticket) < lifetime(TGT)
2. However, in that case, although I am able to get a service ticket which
has lifetime validity less than that of TGT, but then everytime I am
running the while loop (gsswrapper.gss_init_sec_context()), a new copy of
the service ticket corresponding to same service is being generated.
Ideally, it should maintain only a single copy of service ticket and renew
it each time. Is there anything wrong with my understanding here ?
3. How to handle the situation using GSS APIs a) TGT expired and kinit
should be fired again b) Service ticket expired but TGT valid, so renew the
service ticket.
Regards,
Arpit
More information about the krbdev
mailing list