[24152] in Kerberos
Re: Programming in Kerberos
daemon@ATHENA.MIT.EDU (Wyllys Ingersoll)
Mon Jun 27 16:24:02 2005
Message-ID: <42C0602C.6080003@sun.com>
Date: Mon, 27 Jun 2005 16:23:08 -0400
From: Wyllys Ingersoll <wyllys.ingersoll@sun.com>
MIME-Version: 1.0
To: brian.joh@comcast.net
In-Reply-To: <1119633372.221651.31860@g47g2000cwa.googlegroups.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
cc: kerberos@mit.edu
Errors-To: kerberos-bounces@mit.edu
brian.joh@comcast.net wrote:
> Right, but there are also interfaces that are intended for public use
> that can only be found by looking at the source. For instance, when
> I looked at the source to some of the Kerberos applications in the
> standard distribution, I found no one uses krb5_get_in_tkt() or any
> of its variants anymore. Instead, applications generally use the
> newer, but undocumented krb5_get_init_creds_password(). Given that
> many of the commonly used functions like krb5_get_init_creds_password
> are totally undocumented, newbies, like me, HAVE to read the source,
> or risk using an older and possibly deprecated interface.
Ideally, you wouldn't use the KRB5 APIs at all, you would use GSSAPI
instead - it is standard and portable across implementations and platforms.
-Wyllys
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos