[32173] in Kerberos
Re: Regarding Replay cache usage in memory..
daemon@ATHENA.MIT.EDU (Greg Hudson)
Tue Mar 23 12:44:57 2010
From: Greg Hudson <ghudson@mit.edu>
To: Prashant Gupta <prashant1803@gmail.com>
In-Reply-To: <ea67e2ce1003222227o1038fdc4jb87eab218cae84a6@mail.gmail.com>
Date: Tue, 23 Mar 2010 12:44:52 -0400
Message-ID: <1269362692.7493.456.camel@ray>
Mime-Version: 1.0
Cc: "kerberos@mit.edu" <kerberos@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On Tue, 2010-03-23 at 01:27 -0400, Prashant Gupta wrote:
> I am using MIT kerberos library for authentication in my project and I am
> seeing performance issue while using default replay cache i.e. dfl. I would
> like to know how can I enable the in memory replay cache.
There is no memory replay cache type; there is only "dfl" (file-based)
and "none". Your protocol may not need a replay cache (basically, if
the client and the server both contribute fresh elements to each
exchange), in which case "none" may be appropriate.
You can use the "none" rcache type by setting the environment variable
KRB5RCACHETYPE to "none". I don't see any way to do this
programmatically at present, which is a little surprising to me
(basically, we don't expose krb5_rc_resolve_full, so there's no way to
create a specific type of rcache to use with krb5_auth_con_setrcache or
gss_krb5_set_cred_rcache).
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
