During the process of establishing a GSS security context, the initiator creates a GSS context and calls requestCredDeleg(true) so that it can delegate the client's credentials. However, after the establishment of the security context, the call to the getCredDelegState method of the context created and initated by the acceptor returns a value of false, which should be presumably a value of true.
This defect happens only in SPNEGO implementation of GSS. The process works well in Krb5 implementation of GSS. There might be some places in the SPNEGO implementation which has distorted the behavior of requestCredDeleg and getCredDelegState.



###@###.### 2005-05-12 03:34:09 GMT