Fedora2/Apache2 and Key Version Error
Markus Moeller
huaraz at moeller.plus.com
Fri Aug 12 16:50:19 EDT 2005
Jose,
If I understand you right you are using Apache2 with mod_auth_gssapi_krb5
or similar and receive a NTLM token from IE, which can't be handled by the
underlying Kerberos libraries.
You should make sure that:
1) You have IE configured to use windows integrated authentication (see
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsecure/html/http-sso-1.asp)
2) Have a keytab with a HTTP/servername on the Apache2 server
3) check with kerbtray that your client gets the HTTP/servername service
ticket
Regards
Markus
""Jose M. Fernandez A."" <jose.fernandez at reniec.gob.pe> wrote in message
news:ADC261401C904B43A262F3DAF576097586FCD4 at mailsa.reniecperu.net...
> Hello myu friend, i wan t to know if you resolve this problem:
> kerb_authenticate_user entered with user (NULL) and auth_type Kerberos
> kerb_authenticate_user entered with user (NULL) and auth_type Kerberos
> Acquiring creds for HTTP/fqdn.domain.com at REALM
> <https://mailman.mit.edu/mailman/listinfo/kerberos> Verifying client data
> using KRB5 GSS-API Verification returned code 589824 Warning: received
> token seems to be NTLM, which isn't supported... gss_accept_sec_context()
> failed: A token was invalid (Token header is malformed or corrupt)
> kerb_authenticate_user entered with user (NULL) and auth_type Kerberos
> kerb_authenticate_user_krb5pwd ret=0 user=username at REALM
> <https://mailman.mit.edu/mailman/listinfo/kerberos> authtype=Basic
>
>
>
> If, you can help, please i will be very gracefull
>
> Thanks
>
>
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
More information about the Kerberos
mailing list