[3704] in Kerberos-V5-bugs
[krbdev.mit.edu #1279] Internal API change to support hardware preauth better
daemon@ATHENA.MIT.EDU (Ken Hornstein via RT)
Tue Dec 17 13:18:24 2002
Message-Id: <rt-1279-3780.17.4291534972775@krbdev.mit.edu>
In-Reply-To: <rt-1279@krbdev.mit.edu>
From: "Ken Hornstein via RT" <rt-comment@krbdev.mit.edu>
Reply-To: rt-comment@krbdev.mit.edu
To: krb5-prs@mit.edu
Errors-To: krb5-bugs-admin@mit.edu
Date: Tue, 17 Dec 2002 13:17:44 -0500 (EST)
If krb5_get_init_creds() gets an error, it will retry the request
against the master KDC. This doesn't involve any more user interaction,
since the password is cached in a callback structure. But in the
hardware preauthentication case, a user is asked for their hardware
token multiple times.
The library needs to cache the hardware token information so it doesn't
prompt the user for the token again.
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
http://mailman.mit.edu/mailman/listinfo/krb5-bugs
