Closed brandonto closed 1 year ago
That option doesn't do what you think; it's for caching incoming credentials on the server side. On the client you need to just set this in krb5.conf or whatever.
Hi @hyc , thanks for the response.
I believe I have found the configuration option you are talking about. My question is... how do I tell libsasl2 where the krb5.conf file is if it isn't in the default location?
The application I'm working with uses sasl_client_new
as the first point of interaction with libsasl2. I don't see any options I can tell sasl_client_new
to give libsasl2 this information.
Check the documentation of the Kerberos library you're using. Usually you can set an environment variable to tell the kerberos library what to look for. Cyrus SASL has no control over that.
Hi,
I am trying to get kerberos authentication working for a project. The project requires a non-default location for the credential cache... I believe this
ccache_store
GSSAPI option is used for this purpose. https://www.cyrusimap.org/sasl/sasl/options.htmlAlthough the docs are for v2.1.28, I can't seem to find the getopt call for
ccache_store
anywhere in the source code for v2.1.28:% ack "\"ccache" mac/CommonKClient/mac_kclient3/Headers/Kerberos5/krb5.h 1142: * begin "ccache.h" 1219: * end "ccache.h"
So I turned to the current revision in master where I did find the getopt call for
ccache_store
. However, getopt forccache_store
doesn't seem to be invoked, evident by logs that I put in the callback function for getopt passed as an argument tosasl_client_new
.Are there any additional steps required (perhaps in the configuration of cyrus sasl?) to get this working?