Krb_public.Cred_cacheSourcedefault returns Kerberos's notion of a "default" credential cache. This is determined by the following steps, in descending order:
libdefaults in /etc/krb5.confuid)The principal associated with default
The principal associated with the credential cache supplied
A shared MEMORY t for principal. If a previous call succeeded for the same principal, the same t is returned. The returned t is never freed, so this function should not be called with an unbounded number of unique principals.
val initialize_with_creds :
t ->
Principal.t ->
Krb_internal_public.Std.Credentials.t list ->
unit Async.Deferred.Or_error.tInitialize t with the given principal and credentials. This function updates t atomically for FILE cred caches.
Initializes the shared MEMORY cache associated with the principal of t (see in_memory_for_principal) with the credentials from t.
Return number of active credential renewal loops, as started by calls to keep_valid_indefintely. Note that it avoids creating a new loop for credentials that are already being renewed, even if keep_valid_indefinitely is called multiple times on the same cred cache with the same principal + keytab.
val keep_valid :
?refresh_every:Krb_public__.Import.Time.Span.t ->
?on_error:[ `Ignore | `Raise | `Call of Core.Error.t -> unit ] ->
?keytab:Keytab.Path.t ->
?server_cred_cache:t ->
?abort:unit Async.Deferred.t ->
t ->
unit Async.Deferred.Or_error.tIf this cred cache is expected to contain a TGT, keep that TGT valid. If it is a S4U2Self cache, keep the expected ticket valid.
A keytab should only be provided for TGT caches. It defaults to the User keytab if none is provided.
A server_cred_cache should only be provided if t is a S4U2Self cache. The default cred cache is used if none is provided.