18 Mar
2025
18 Mar
'25
10:51 a.m.
On Tue Mar 18 10:51:38 2025 +0000, Hans Leidekker wrote:
If a username is passed to AcquireCredentialsHandle() but no password I would expect an error. Allowing this to succeed means the app might be using credentials for a different user than intended.
According to KRB5_TRACE if password is NULL libkrb5 uses cached ticket for the specified user@domain, so, to me it looks like an intended behaviour.