get only username from REMOTE_USER variable
Jeffrey Altman
jaltman2 at nyc.rr.com
Tue Sep 27 08:57:03 EDT 2005
mnikhil at gmail.com wrote:
> Hi
>
> Firstly, My Sincere thanks to all of you for making available such a
> wonderful module available to Apache on sourceforge.
>
> My problem is nothing except that to make modifications to REMOTE_USER
> variable in the kerberos itself.
> I mean when I am visiting a kerberos enabled webpage, after succesful
> authentication the REMOTE_USER variable is being set as
> "<user>@<mydomainname>"
> I guess here the <domainname>, obviously it takes from domain_realm,
> set in the /etc/krb5.conf page.
> So, I want to make changes something that could make REMOTE_USER
> variable just the "user" and not the "<user>@<mydomainname>".
>
> Response would be much appreciated.
>
> Regards,
> Nikhil
>
You could make a change to do so but it would be unwise. What you
refer to as <mydomainname> is really <REALM-OF-USER>. Since Kerberos
supports authentication from multiple realms, it is necessary to
include the full principal name in REMOTE_USER to distinguish the
source of the authentication.
Jeffrey Altman
--
-----------------
This e-mail account is not read on a regular basis.
Please send private responses to jaltman at mit dot edu
More information about the Kerberos
mailing list