Multiple cache files

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view

Multiple cache files


I have the following situation.
I have my Kerberos client(Linux) running on a device, which has access to
the KDC and Active Directory(AD) Server.
My Kerberos client process is run by the root.

I have another application(which can run from anywhere but has access to my
device) which uses the Kerberos client above to authenticate the user and
access the AD server.
When the user logon to the device, the credentials cache is generated with
the username(krb5cc_%{username}), which is nothing but the root

When a second user logon on before the first user logout, the first 'cc' is
replaced with the principal of the second user (Correct me).

I need a way to have 'cc' created for each user and enable access to the AD
server indepently from different instances of the application.

To achieve that, I have modified the krb5 default cc to use the principal
name. However, I am not sure if I am doing it right because, when the user
tries to login further, it always tries to look for the default cc.

Could anyone throw some light on using multiple cc or cc/user from the same
client simultaneously?

krbdev mailing list             [hidden email]
Reply | Threaded
Open this post in threaded view

Re: Multiple cache files

Greg Hudson
On 04/19/2017 04:09 PM, MANOJ KUMAR ENAGANTI wrote:
> I have the following situation.

Please resend your question to [hidden email].  [hidden email] is for
discussion among developers of MIT krb5.
krbdev mailing list             [hidden email]