|KRB5_GC_CACHED||Only check the ccache, dont got out on network to fetch credential.|
|request a user to user ticket. This options doesnt store the resulting user to user credential in the ccache.|
|returns the credential even if it is expired, default behavior is trying to refetch the credential from the KDC.|
|KRB5_GC_NO_STORE||Do not store the resulting credentials in the ccache.|
krb5_get_creds_opt_set_enctype sets the preferred encryption type of the application. Dont set this unless you have to since if there is no match in the KDC, the function call will fail.
krb5_get_creds_opt_set_impersonate sets the principal to impersonate., Returns a ticket that have the impersonation principal as a client and the requestor as the service. Note that the requested principal have to be the same as the client principal in the krbtgt.
krb5_get_creds_opt_set_ticket sets the extra ticket used in user-to-user or contrained delegation use case.
krb5(3), krb5_get_credentials(3), krb5.conf(5)