[28644] in Kerberos
question on gss_acquire_cred
daemon@ATHENA.MIT.EDU (Priya Govindarajan)
Fri Nov 2 15:31:36 2007
To: kerberos@mit.edu
MIME-Version: 1.0
Message-ID: <OF47FC7383.DD066351-ON87257387.0068BC43-88257387.0069F047@us.ibm.com>
From: Priya Govindarajan <govindap@us.ibm.com>
Date: Fri, 2 Nov 2007 12:17:31 -0700
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Hi,
I am trying to understand how gss_acquire_cred works.
When trying gss_server and gss_client - sample programs : When
gss_server run as user root the gss_acquire_cred function executes without
any errors. (The service principal key is added to the keytab file)
When I execute gss_server as another other user I get the following error
"server_acquire_creds: sample
server_acquire_creds: calling gss_acquire_credGSS-API error acquiring
credentials: Miscellaneous failure
GSS-API error acquiring credentials: Permission denied"
My understanding is gss_acquire_cred tries to get the default credential
from credential cache. How does gss_server as user root is able to
execute gss_acquire_cred function without any cred in credential cache.
What is problem when executing gss_server as anyother user ?
Thanks,
Priya
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
