authenticating arbitrary service via web auth...
Karl Pitrich
karl.pitrich at fabasoft.com
Wed May 28 05:26:06 EDT 2003
hi all,
following scenario:
web browser -> http server/CGI -> CGI-application using kerberos to
connect to proprietary RPC on port x.
the RPC service is hosted in s2k and linux.
on w2k, i added a user to the activedirectory and used
ktpass --princ RPCSERVICE at REALM -mapuser RPCUSR .. etc.
to create a keytab which i imported in my local keytab.
this works, as long as i kinit the machine and user running the http
server. (not apache, btw.)
how would be te simplest/sanest way to authenticate such a setup
via the WWW-Auth entered by the user at the browser?
(i just dont get it how mod_auth_krb does this on apache)
is it always necessary to get a ticket?
what would be the correct way to grant using a service via a http/cgi
server to several users within a kerberos realm?
manyTIA,
karl
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20030528/163ab364/attachment.bin
More information about the Kerberos
mailing list