Bradley Kite
2016-08-31 10:38:19 UTC
Hi there,
I'm quite new to the gssapi, but my use-case is slightly different from the
norm.
I'm trying to write a "multi-tenanted" app where different threads need to
run gssapi functions but using different keytab files (based on the tenant)
- so setting KRB5_KTNAME (via putenv()) is not going to work unless I use
some kind of locking/synchronisation which is going to be horrible for
performance.
I've looked through the docs for some kind of profile or configuration
context that can be passed into a variant of gss_accept_sec_context() but
I've not been able to find anything so far.
Am I trying to do something that is not currently possible?
I'd be glad to hear of any ideas that anyone might have for how to solve
this problem.
Many thanks in advance.
I'm quite new to the gssapi, but my use-case is slightly different from the
norm.
I'm trying to write a "multi-tenanted" app where different threads need to
run gssapi functions but using different keytab files (based on the tenant)
- so setting KRB5_KTNAME (via putenv()) is not going to work unless I use
some kind of locking/synchronisation which is going to be horrible for
performance.
I've looked through the docs for some kind of profile or configuration
context that can be passed into a variant of gss_accept_sec_context() but
I've not been able to find anything so far.
Am I trying to do something that is not currently possible?
I'd be glad to hear of any ideas that anyone might have for how to solve
this problem.
Many thanks in advance.