Hello, I observed that when a user from a sub sub domain (three levels down from top) makes a request, *init_sec_context *function* (which eventually calls get_creds.c)* stores the TGT of the sub sub domain in the ccache. Problem is, when a another user from the same domain makes a request, it stores the same TGT again and the cache now has 2 copies of the same TGT, and this continues for every user thereby increasing the memory used by the process.
Setting the flag *KRB5_GC_NO_STORE *flag solves the issue or I think I can also call the *krb5_cc_remove_cred *function to delete the tgts, but I was wondering if there is any better solution. Also would like to know if this behavior is intended or a known issue. Thank You, Rahul. _______________________________________________ kfwdev mailing list [email protected] http://mailman.mit.edu/mailman/listinfo/kfwdev
