NIM Correct Visual Identity Expiration Status
The visual status for the identities in NIM 1.1 was based
upon the highest alert status of any credential that was
associated with the identity. The correct behavior that is
now implemented is that the identity status should be based
solely upon the expiration state of the credentials obtained
by the identity provider.
For example, the Kerberos v5 identity provider will based the
identity expiration status on the initial TGT. Service tickets
with short lifetimes that expire do not prevent the acquisition
of additional service tickets. Therefore, the identity should
not be listed as expired.
ticket: new
tags: pullup
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19068
dc483132-0cff-0310-8789-
dd5450dbe970
projects / krb5.git / commit