[3591] in Kerberos
Re: Let's make some decisions re Kerberos 4 credential cache API
daemon@ATHENA.MIT.EDU (Bill Sommerfeld)
Thu Jul 21 14:17:34 1994
To: rsalz@osf.org
Cc: kerberos@MIT.EDU
In-Reply-To: Your message of "21 Jul 1994 16:48:24 GMT"
Date: Thu, 21 Jul 1994 13:51:17 -0400
From: Bill Sommerfeld <sommerfeld@apollo.hp.com>
From: rsalz@osf.org (Rich Salz)
Subject: Re: Let's make some decisions re Kerberos 4 credential cache API
Date: 21 Jul 1994 16:48:24 GMT
> >For this reason, and for compatability with the
> >traditional Kerberos API, there appears to be no reason to be passing
> >cache identifiers in ANY of the function calls.
>
> For what it's worth, this is the same model that DCE uses for its
> "login context". A default one is inherited and used, but a program
> can create and delete caches and pick one of them to be the default.
> It can also get a cache "handle" to that cache which it can pass to another
> program to import.
One thing which is different in DCE is that the "login context" (which
is a kerberos v5 credential cache plus some additional state
information) *is* passed as an explicit cache identifier in most of
the DCE API calls which care about such things.
The kerberos v5 API is set up the same way.
- Bill
