Kerberos Authentication via Apache
Luis Daniel Lucio Quiroz
dlucio at okay.com.mx
Tue Jan 11 15:40:08 EST 2005
MOD_KRB5 or whatever you are using just auth agains krb db without ticket
support. Read documentation.
Instead of that you could use mod_auth_ntlm, it works in a single-sign-on
mode.
regards
LD
On Tue, 11 Jan 2005 scmoseman at gmail.com wrote:
>
> Re: RHEL 3, Krb5 1.3.3, Apache 2.0, and mod_auth_kerb.
>
> The server has joined the Windows domain, no problems.
> The Kerberos tickets are setup for Apache, works good.
>
> Here's an example of an .htaccess file for a website:
>
> AuthType Kerberos
> AuthName "MYDOMAIN"
> KrbMethodNegotiate on
> KrbAuthoritative on
> KrbVerifyKDC off
> KrbAuthRealm MYDOMAIN.COM
> Krb5Keytab /var/kerberos/krb5kdc/http.keytab
> <Limit GET POST>
> require valid-user
> </Limit>
>
> The website authenticates against the Windows domain.
> But it uses a pop-up box for the login authentication.
> I'm under the impression that it should use Kerberos
> tickets and get my domain login info without the need
> to request it from me. I have seen it before, but I'm
> at a road block trying to figure out what I need to do.
>
> My IE is setup with "Integrated Windows Authentication"
> and the website is even in my "Local intranet" zones.
> Is there another step that I am missing on the Apache?
>
> Thanks,
> Scott
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
More information about the Kerberos
mailing list