No subject
Dennis Putnam
dennis.putnam at aimaudit.com
Thu Dec 7 07:31:36 EST 2006
Thanks for the reply. The reply from Jiva DeVoe (thank you very much)
may be the one that gets me out of this jam. I am going to forward
that to the author of the Authen::Krb5 module to see if that helps. I
did answer your questions below in case you or someone else has
additional comments or suggestions.
On Dec 6, 2006, at 9:21 PM, Michael B Allen wrote:
>
>
>
> Are you using the PHP SAPI (server API) or CLI (commandline)?
>
> API.
>
>
> You said "page" as in HTLM page so I will assume SAPI in which case
> I'm
> confused for two reasons.
>
> First, how you are calling Perl from within PHP?
>
system($command,$ret_code);
>
>
> Second how are you getting initial credentials? Is your web app
> authenticating browser clients using Kerberos?
I'm not, which is the crux of the problem. I'm using the Authen:Krb5
module for perl. As I said above, I call my script using 'system';
>
> Mike
>
> PS: The next revision of our product (see sig) will enable PHP to
> directly perform a wide variety authentication, authorization and
> account management tasks with both SAPI and CLI (e.g. do HTTP SSO
> and use
> delegated cred with Kerberos aware clients like curl, ldap, pgsql,
> etc).
That is a big hole in the current implementation of PHP. It provides
a few methods of authentication but adding Kerberos support to the
API will be a very welcome addition.
>
> --
> Michael B Allen
> PHP Active Directory SSO
> http://www.ioplex.com/
>
Dennis Putnam
Sr. IT Systems Administrator
AIM Systems, Inc.
11675 Rainwater Dr., Suite 200
Alpharetta, GA 30004
Phone: 678-240-4112
Main Phone: 678-297-0700
FAX: 678-297-2666 or 770-576-1000
The information contained in this e-mail and any attachments is
strictly confidential. If you are not the intended recipient, any
use, dissemination, distribution, or duplication of any part of this
e-mail or any attachment is prohibited. If you are not the intended
recipient, please notify the sender by return e-mail and delete all
copies, including the attachments.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20061207/add4a0e3/attachment.bin
More information about the Kerberos
mailing list