Subject: | KDC should not fail requests due to forwardable/proxiable option |
If the client requests forwardable or proxiable tickets and the client or
server DB entry has disallow-forwardable or disallow-proxiable set, we
fail the request. It would be more helpful to just issue a ticket
without the forwardable/proxiable ticket flag set, as Heimdal and Active
Directory do.
server DB entry has disallow-forwardable or disallow-proxiable set, we
fail the request. It would be more helpful to just issue a ticket
without the forwardable/proxiable ticket flag set, as Heimdal and Active
Directory do.