My Oracle Support Banner

RP/TUX 7.1 and 8.0 - _ec_sec_atn_gss_accept_sec_context() is not called by self-authenticating process. (Doc ID 768378.1)

Last updated on JANUARY 19, 2018

Applies to:

Oracle Tuxedo / Tuxedo / 7.1, 8.0
Information in this document applies to any platform


In developing a security plugin, the _ec_sec_atn_gss_accept_sec_context() is not called if a previous call to
_ec_sec_atn_gss_init_sec_context() returned GSS_S_COMPLETE, but an output token still needs to be transmitted
(indicated by the output_token->length field set to a non-zero value, according to the rfc 1509/2744).

This is only the case if the process is authenticating with itself, for example when the BBL boots.

The described behavior causes problems when impersonating a user in a GWTDOMAIN process because the authorization
token is produced when gss_accept_sec_context() returns GSS_S_COMPLETE.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.