My application uses openldap and GSSAPI to connect to a remote LDAP server.
GSSAPI leverages kerberos as the transport mechanism.
I want to authenticate multiple different users at the same time, but kinit
allows me only to store a single principal in the kerberos cache (at least in
the default FILE cache).
I read about using the DIR cache or setting environment variables to use
different caches, one for each user. But I was wondering if it is possible to
avoid all of this, and simply not have a cache, but maintain all the tickets in
memory.
The idea is to create the tickets using the kerberos APIs, not storing them in
cache but simply keeping them in my process memory. And then pass these tickets
to the ldap functions to connect to the ldap server.
Is this possible? Is there any sample available?
Regards,
Bernardo
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
