Kerberos Authentication via Apache
scmoseman@gmail.com
scmoseman at gmail.com
Tue Jan 11 14:17:47 EST 2005
Re: RHEL 3, Krb5 1.3.3, Apache 2.0, and mod_auth_kerb.
The server has joined the Windows domain, no problems.
The Kerberos tickets are setup for Apache, works good.
Here's an example of an .htaccess file for a website:
AuthType Kerberos
AuthName "MYDOMAIN"
KrbMethodNegotiate on
KrbAuthoritative on
KrbVerifyKDC off
KrbAuthRealm MYDOMAIN.COM
Krb5Keytab /var/kerberos/krb5kdc/http.keytab
<Limit GET POST>
require valid-user
</Limit>
The website authenticates against the Windows domain.
But it uses a pop-up box for the login authentication.
I'm under the impression that it should use Kerberos
tickets and get my domain login info without the need
to request it from me. I have seen it before, but I'm
at a road block trying to figure out what I need to do.
My IE is setup with "Integrated Windows Authentication"
and the website is even in my "Local intranet" zones.
Is there another step that I am missing on the Apache?
Thanks,
Scott
More information about the Kerberos
mailing list