[16552] in Kerberos_V5_Development
Re: Linking problem with Kerberos for Windows & mod_auth_kerb.
daemon@ATHENA.MIT.EDU (Greg Hudson)
Tue Dec 14 14:44:28 2010
From: Greg Hudson <ghudson@mit.edu>
To: Russ Allbery <rra@stanford.edu>
In-Reply-To: <87hbep8qh2.fsf@windlord.stanford.edu>
Date: Tue, 14 Dec 2010 14:44:16 -0500
Message-ID: <1292355856.20307.456.camel@ray>
Mime-Version: 1.0
Cc: "krbdev@mit.edu" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On Tue, 2010-12-07 at 12:03 -0500, Russ Allbery wrote:
> IIRC, when I looked at this, it was the only way to actually disable the
> replay cache in MIT as recently as 1.4. I don't recall whether it was
> fixed in 1.5 or 1.6.
I believe the only way to disable the server rcache currently is to set
the environment variable KRB5RCACHETYPE to "none". That's obviously not
a good API for mod_auth_kerb because it affects the entire httpd
process, but redefining internal functions probably has the same
drawback.
That environment variable has been supported since at least krb5 1.2.
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
