Index: branches/2.5-fixes/src/include/batch_request.h

===================================================================

--- branches/2.5-fixes/src/include/batch_request.h	(revision 5100)

+++ branches/2.5-fixes/src/include/batch_request.h	(revision 5101)

@@ -404,7 +404,7 @@

 #ifndef PBS_MOM

 extern void  req_authenuser (struct batch_request *req);

-extern void  req_altauthenuser (struct batch_request *req);

+extern int   req_altauthenuser (struct batch_request *req);

 extern void  req_connect (struct batch_request *req);

 extern void  req_locatejob (struct batch_request *req);

 extern void  req_manager (struct batch_request *req);

Index: branches/2.5-fixes/src/server/req_getcred.c

===================================================================

--- branches/2.5-fixes/src/server/req_getcred.c	(revision 5100)

+++ branches/2.5-fixes/src/server/req_getcred.c	(revision 5101)

@@ -436,7 +436,7 @@

  * utility 

  * 

 */

-void req_altauthenuser(

+int req_altauthenuser(

   struct batch_request *preq)  /* I */

@@ -462,7 +462,7 @@

   if(s >= PBS_NET_MAX_CONNECTIONS)

 	{

 	req_reject(PBSE_BADCRED, 0, preq, NULL, "cannot authenticate user");

-	return;

+	return (PBSE_BADCRED);

 	}

@@ -470,7 +470,8 @@

   if(rc)

 	{

 	/* FAILED */

-	return;

+	req_reject(PBSE_SYSTEM, 0, preq, NULL, "munge failure");

+	return (PBSE_SYSTEM);

 	}

   /* SUCCESS */

@@ -482,7 +483,7 @@

   svr_conn[s].cn_authen = PBS_NET_CONN_AUTHENTICATED;

   reply_ack(preq);

-  return;

+  return (PBSE_NONE);

   }  /* END req_altauthenuser() */

Index: branches/2.5-fixes/src/server/process_request.c

===================================================================

--- branches/2.5-fixes/src/server/process_request.c	(revision 5100)

+++ branches/2.5-fixes/src/server/process_request.c	(revision 5101)

@@ -541,10 +541,21 @@

       rc = 0;  /* bypass the authentication of the user--trust the client completely */

     else if(munge_on)

       {

-      /* If munge_on is true we will validate the connection later */

-      conn_credent[sfds].timestamp = time_now;

-      svr_conn[sfds].cn_authen = PBS_NET_CONN_AUTHENTICATED;

-      rc = 0;

+      /* If munge_on is true we will validate the connection now */

+      if ( request->rq_type == PBS_BATCH_AltAuthenUser)

+        {

+        rc = req_altauthenuser(request);

+        if (rc == PBSE_NONE)

+          {

+          conn_credent[sfds].timestamp = time_now;

+          svr_conn[sfds].cn_authen = PBS_NET_CONN_AUTHENTICATED;

+          }

+        return;

+        }

+      else

+        {

+        rc = authenticate_user(request, &conn_credent[sfds]);

+        }

       }

     else if (svr_conn[sfds].cn_authen != PBS_NET_CONN_AUTHENTICATED)

       rc = PBSE_BADCRED;

@@ -1021,9 +1032,6 @@

       break;

     case PBS_BATCH_AltAuthenUser:

-      /* Use given authentication method to determine

-         if user is valid */

-       req_altauthenuser(request); 

       break;