Forcibly reset credentials on client request

If a client, by its own initiative, decides to try to reset the
credential status by sending an Authorization header, let's oblige
and kill the current authorization context.

In a connection oriented case we kill the GSS context, and if
sessions are in use we set an expired, NULL session, so that the
client will be effectively logged out unless a complete authentication
is performed again.

0 files changed, 0 insertions, 0 deletions