below
On 9/12/2007 8:54 AM, Nik Conwell wrote:
>
> On Sep 11, 2007, at 3:00 PM, Paul M Fleming wrote:
>
>> I had the same problems. if you google for this you'll find a
>> discussion regarding how SASL context expires should be handled.
>> Heimdal allows expired contexts to be used after ex
On Sep 11, 2007, at 3:00 PM, Paul M Fleming wrote:
> I had the same problems. if you google for this you'll find a
> discussion regarding how SASL context expires should be handled.
> Heimdal allows expired contexts to be used after expiration. MIT
> does not.
Thanks. I had seen your post
I had the same problems. if you google for this you'll find a discussion
regarding how SASL context expires should be handled. Heimdal allows
expired contexts to be used after expiration. MIT does not.
1) indefinitely long means the default lifetime of your KDC or the
individual keys involved.
My frontends authenticate to the backends using GSSAPI. Every 5
hours the frontends do a kinit to get a TGT to talk to the backend
and all is good.
However, if the frontend imap (proxyd) is proxying a session for more
than 10 hours I get:
imaps[3207]: GSSAPI Error: The context has expi