I am using MIT Kerberos 1.2.6. I am writing an application which does multiple gss_init_sec_context on behalf of various kerberos principals / unix users (basically the application does a setuid) and also as different users (like uid=101,102). The application would do a setuid to appropriate user id (and let us assume the credentials has been already obtained by that user).
Now the problem I hit is that I am not able to do a gss_init_sec_context for a different user once the first gss_init_sec_context has been called successfully. The problem I believe is that the default credential cache has already been setup during the first call and the same is being returned for subsequent init_sec_context. This is because the kg_context (krb5_context) defined as static in the gssapi_krb5.c and has already been initialized. Is there any consequence of making this a global and if we do a gss_release_cred before the next gss_init_sec_context to clear this default context out. Or please let me know if I am missing something. TIA, S ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
