glm-5.1
68728451a4
NapiServerHandler was bypassing IdentityProvider, calling config.auth.authenticate_publickey() directly, which meant no Identity was stored on the session and per-identity forwarding rules could not match. It also skipped ForwardingPolicy::check() entirely, defeating forwarding access control for NAPI-served tunnels. Both are now consistent with ServerHandler and SshHandler behavior.