[19799] in Kerberos_V5_Development
Aggressive kinit timeouts
daemon@ATHENA.MIT.EDU (Jonathan Maron)
Tue Aug 7 06:47:22 2018
From: Jonathan Maron <jonathan.maron@oracle.com>
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
Message-Id: <F52C0A57-62CB-4C75-ABD5-4B015ADD169B@oracle.com>
Date: Tue, 7 Aug 2018 06:46:54 -0400
To: "krbdev@mit.edu" <krbdev@mit.edu>
Content-Type: text/plain; charset="utf-8"
Errors-To: krbdev-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Hi,
We have an LDAP realm setup that doesn’t communicate with a local LDAP DB, but rather goes through a number of gateways to access a remote LDAP resource. This introduces some latency that at times exceeds 1 second. That appears to be an issue - we often see authentication failures, possibly since the order of responses for repeated AS_REQ may be out of order? Anyhow, we are definitely seeing auth failures, and the 1 second timeout appears to play a role.
We are unfortunately still using version 1.10. Has this issue been addressed in subsequent versions? Is the 1 second timeout now configurable?
— Jon
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev