kerberos 5.0 and apache 1.3.34

[abbas.attarwala@gmail.com]

Thanks richard,

My kerberos authentication i think is working now

i say 'i think' because when i check my http header response this is
what i am getting:

WWW-Authenticate: Basic realm="Kerberos Login"

It is saying Basic, when I have configured my httpd.conf file for
kerberos authentication!

why is this???

thanks again


Richard E. Silverman wrote:
> >>>>> "AA" == abbas attarwala <abbas.attarwala at gmail.com> writes:
>
>     AA> Hello, I have apache 1.3.34 running on a ubuntu linux box. I want
>     AA> my webserver to authenticate users through kerberos.
>
>     AA> my kerberos, i think is correctly set up. I can use kinit and
>     AA> klist.
>
>     AA> my questions are:
>
>     AA> 1) What exactly do i need to change in the httpd.conf file?  my
>     AA> website resides under /var/www and i want all the contents under
>     AA> /var/www to be protected.
>
>     AA> 2) I got the libapache_mod_auth_kerb package through
>     AA> synaptics(ubuntu) and apache loads it just fine. BUT, when go on a
>     AA> different machine and try to access the website, i can see the
>     AA> dialog box with user name and password open, but when i enter my
>     AA> credentials, the box just keeps on popping up and does not seem to
>     AA> authenticate.
>
>     AA> what am i doing wrong?
>
> Since you haven't debugged enough to find out why it's doing that, there
> are too many possiblities to cover.  Look at the KDC log, the Apache error
> log, the DNS and HTTP traffic.  Find out what it's doing before trying to
> fix it.
>
> At least, you must have an HTTP/<fqdn>@REALM principal and its key in the
> keytab referenced below, and that file readable by the Apache process.
>
>   <directory /var/www>
>     AuthType Kerberos
>     AuthName "Our Secure Space"
>     KrbMethodNegotiate on
>     KrbServiceName HTTP
>     Krb5Keytab /path/to/my/keytab
>     require valid-user
>   </directory>
> 
> -- 
>   Richard Silverman
>   res at qoxp.net