* Christian Ullrich wrote:
> * Christian Ullrich wrote:
>
>> * Christian Ullrich wrote:
>>
>> > According to the release notes, the default for the "include_realm"
>> > option in SSPI authentication was changed from off to on in 9.5 for
> > > improved security. However, the authenticated user name, with the
> > > option enabled, includes the NetBIOS domain name, *not* the Kerberos
>> > realm name:
>
>> Below is a patch to correct this behavior. I suspect it has some
>> serious compatibility issues, so I would appreciate feedback.
>
> Updated patch, sorry. The first one worked by accident only.
Another update. This time even the documentation builds.
One thing I'm fairly sure I need advice on is error handling and/or
error codes. Right now I use ERROR_INVALID_ROLE_SPECIFICATION just about
everywhere (because the surrounding SSPI code does as well), and that is
probably not the best choice in some places.
--
Christian