[19382] in Kerberos
Re: How to test if TGT has expired by using Kerberos API's?
daemon@ATHENA.MIT.EDU (Luke Howard)
Fri Jun 6 22:18:22 2003
From: Luke Howard <lukeh@PADL.COM>
Message-Id: <200306070218.MAA17995@au.padl.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
To: Kent_Wu@trendmicro.com
Date: Sat, 7 Jun 2003 12:18:01 +1000
cc: kerberos@mit.edu
Reply-To: lukeh@PADL.COM
Errors-To: kerberos-bounces@mit.edu
Your program could note when the TGT is due to expire and only attempt
to acquire another TGT after that time.
-- Luke
>From: <Kent_Wu@trendmicro.com>
>Subject: How to test if TGT has expired by using Kerberos API's?
>To: <krbdev@mit.edu>
>Cc: kerberos@mit.edu
>Date: Fri, 6 Jun 2003 17:58:12 -0700
>
>Hi:
>
> I've written a program to get TGT then do the Kerberos authentication by using GSS-API afterwards but I also want to do
>it in a smarter way. What I tried to achieve is I want to check if it expires or not, if so then I issue a real TGT
>request otherwise I can save a trip. Or if there is an API which already checks this internally that would be even
>greater. By searching some materials I found some possible API's but I don't really know due to the limited documentation.
>Can somebody enlighten me a little bit on this?
>
> Another way I can think of is always doing gss_init_sec_context() first and if it returns "ticket expired" then I can
>issue a TGT request, just that the first approach sounds more logic to me and I also want to explore Kerberos API a bit
>more.
>
>Thx and have a nice weekend.
>
>Kent
>
>_______________________________________________
>krbdev mailing list krbdev@mit.edu
>https://mailman.mit.edu/mailman/listinfo/krbdev
--
Luke Howard | PADL Software Pty Ltd | www.padl.com
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
