On 09/22/2015 11:13 AM, Martin Gee wrote: > Version: 1.13.2 kerb lib > I'm using the GSS libs to impersonate a user via HTTP SPNEGO > (http://tools.ietf.org/html/rfc4559) > I use gss_init_sec_context to get a Token which is sent over to the HTTP > service (see spec) in an HTTP Header. This is necessary. > I'm profiling my app. The gss_init_sec_context is the most expensive call. > I notice that gss_init_sec_context gives you a context handle. > Is it possible to reuse the context and still get a token?
Are you passing GSS_C_DELEG_FLAG to gss_init_sec_context()? If so, you can probably take that out and get much better performance, unless for some reason you need to send a TGT to the HTTP service. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
