<div dir="ltr"><div>Hi,<br><br>I want to disable the replay cache during context establishment in
Kerberos ( JGSS ) to avoid Request is a replay (34) exception. JGSS
provides the method requestReplayDet() to be called on initiator side
but this works only to detect replay of tokens passed after context
establishment. context.requestReplayDet(false) doesn't prevent the
replay exception during context establishment. <br>
<br>
I am using separate context for each thread. For replay detection, JGSS
just checks if multiple context establishment request from a client has
same timestamp in authenticator. With several threads using the same
client principal, it may happen that the replay attack detected is false
positive.<br>
<br>
MIT kerberos provides a way to disable replay cache by setting
KRB5RCACHENAME=none in environment variables. In JGSS, it looks like there is no such
thing.<br><br clear="all"><br>-- <br>Regards,<br>Vipul<br></div>
</div>