[36214] in Kerberos
Re: klist shows same ticket multiple times
daemon@ATHENA.MIT.EDU (Greg Hudson)
Tue Jun 24 01:00:49 2014
Message-ID: <53A905F3.9070703@mit.edu>
Date: Tue, 24 Jun 2014 01:00:35 -0400
From: Greg Hudson <ghudson@mit.edu>
MIME-Version: 1.0
To: Ben H <bhendin@gmail.com>, kerberos@mit.edu
In-Reply-To: <CAAd7auZay8D3M-URT_5u8bxf1XkxrLNyiPib6ATSUiKJ_5tiUA@mail.gmail.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On 06/19/2014 01:25 PM, Ben H wrote:
> However I am also seeing in some scenarios what appears to be the exact
> same tickets (based on SPN, time, flags, and encryption type) listed
> multiple times in my cache.
This can happen when several processes all try to contact a service
within a short time window using the same cache. Each process checks
the cache for a service ticket, doesn't find it, gets a service ticket
from the KDC, then adds the resulting ticket to the cache. Since the
FILE ccache is append-only, all of the tickets land in the cache. It's
not usually a problem, although in extreme cases it can cause
performance issues.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
