--- loncom/lond	2022/02/20 20:58:26	1.489.2.43.2.3
+++ loncom/lond	2022/02/25 10:00:00	1.489.2.43.2.4
@@ -2,7 +2,7 @@
 # The LearningOnline Network
 # lond "LON Daemon" Server (port "LOND" 5663)
 #
-# $Id: lond,v 1.489.2.43.2.3 2022/02/20 20:58:26 raeburn Exp $
+# $Id: lond,v 1.489.2.43.2.4 2022/02/25 10:00:00 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -63,7 +63,7 @@ my $DEBUG = 0;		       # Non zero to ena
 my $status='';
 my $lastlog='';
 
-my $VERSION='$Revision: 1.489.2.43.2.3 $'; #' stupid emacs
+my $VERSION='$Revision: 1.489.2.43.2.4 $'; #' stupid emacs
 my $remoteVERSION;
 my $currenthostid="default";
 my $currentdomainid;
@@ -7746,8 +7746,15 @@ sub validate_user {
             } elsif ((($domdefaults{'auth_def'} eq 'krb4') || 
                       ($domdefaults{'auth_def'} eq 'krb5')) &&
                      ($domdefaults{'auth_arg_def'} ne '')) {
-                $howpwd = $domdefaults{'auth_def'};
-                $contentpwd = $domdefaults{'auth_arg_def'}; 
+                #
+                # Don't attempt authentication for username and password supplied
+                # for user without an account if username contains @ to avoid
+                # call to &Authen::Krb5::parse_name() which will result in con_lost
+                #
+                unless ($user =~ /\@/) {
+                    $howpwd = $domdefaults{'auth_def'};
+                    $contentpwd = $domdefaults{'auth_arg_def'};
+                }
             }
         }
     }