[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

No Subject

To: heimdal-discuss@sics.se
From: "Eugeny S. Mints" <jack@oktet.ru>
Date: Thu, 24 Oct 2002 22:39:34 +0400 (MSD)
Reply-To: Eugeny.Mints@oktet.ru
Sender: owner-heimdal-discuss@sics.se

Hi!

Please forward my question to the apropriate list if this list is wrong
place for it.

Could anybody clarify a usage of krb5_context and krb5_auth_context
structures in more words than 'krb5_context is designed to represent the
per process stae and krb5_auth_context per connection context'. Examples
of usage in multi user, multi processes enviroment are very aprecatable.

One more question about credentals caches. Let:
user0 executes ./kinit -ccache=cache0; as I understand after that 
user0 has TGT for a KDC and this credentals is located in credentals cache
'cache0'. (let in user0' realm is only one KDC and application server the
user is going to connect locates in the same realm).
then user0 execute ktelnet to server 'server0' and after that has the
following cache0 state: TGT and cred0-to-server0.

Then I'll change default cache for user0 to cache1 which is empty
and 
again execute ,say, ktelnet server0. The queston is: will a new TGT be
obtained in this case and placed into credental cache cache1?

And if yes, what is the reason for such behavior - in this case two
different valid TGTs exist at the same time for only 2 principals - user0
and KDC.

Thanks in advance,
			Eugeny

Follow-Ups:
- Re: none
  - From: joda@pdc.kth.se (Johan Danielsson)

Prev by Date: Re: Remote vulnerability in kadmind
Next by Date: Re: Remote vulnerability in kadmind
Prev by thread: kadmind exploits
Next by thread: Re: none
Index(es):
- Date
- Thread