apache & Kerberos

Tim Alsop Tim.Alsop at CyberSafe.Ltd.UK
Fri Aug 1 10:46:46 EDT 2003


This mod for Apache does not use Kerberos tickets to authenticate the user logged into the workstation to the Apache server. Instead, it uses a Kerberos client at the web server to authenticate the user via a userid/password entered into a browser dialog and a domain cookie is used to maintain the context. The approach our WebAccess product uses and the one referenced by Jeremy and developed with Heimdal libraries uses Kerberos and GSSAPI to establish a security context between the browser and the Web server and hence a Kerberos service ticket is sent to the web server so it can determine the identity of the user.

Thanks, Tim.

-----Original Message-----
From: Subu Ayyagari [mailto:s.ayyagari at xpedite.com] 
Sent: 01 August 2003 15:32
To: kerberos at mit.edu
Subject: RE: apache & Kerberos

Kerberos authentication for apache:

-----Original Message-----
From: kerberos-bounces at mit.edu [mailto:kerberos-bounces at mit.edu]On
Behalf Of Jeremy Fressard
Sent: Friday, August 01, 2003 7:29 AM
To: kerberos at mit.edu
Subject: apache & Kerberos

Just to know if somebody has succeed to install apache with a kerberos module to NOT using the Basic Auth mechanism, but kerberos authentication only.

And where I can found information?.

The solution I search is the same as this site :
Find a module for apache and install a kerberized mozilla for exemple.
But this site explain how to do with heimdal and I use the MIT!

If you have an idea!



Kerberos mailing list           Kerberos at mit.edu
Kerberos mailing list           Kerberos at mit.edu

More information about the Kerberos mailing list