In the MIT code, if you receive the following errors:
KRB5KRB_AP_ERR_TKT_EXPIRED /* ticket was expired */
KRB5KRB_AP_ERR_BAD_INTEGRITY /* can't decrypt */
KRB5KRB_AP_ERR_BADKEYVER /* they can't find the right key */
It pretty strongly suggests that something is hosed with the
ticket we used to create the AP-REQ, and that maybe we should
try to get a fresh one. However, short of completely nuking
the current credential cache, I don't see that there's a
very easy way to kill off the offending credentials in
the credential cache.
Am I missing something? How do other applications
deal with these sort of errors (other than
complaining to the user)?
--
Michael Thomas ([EMAIL PROTECTED] http://www.mtcc.com/~mike/)
Multi-mode fiber with an optical splitter |
B G P sessions conFIGGED not to litter | My Fav'rite 'Net Things
Reverting from A T M back to I P | by kc claffy, CAIDA
These are a few of my fav'rite `Net things |
