Problem to have mod_auth_kerb to work
Markus Moeller
huaraz at moeller.plus.com
Fri Jan 13 14:45:12 EST 2006
Check the keytab permissions. If apache runs as webuser and the default
keytab has only root read permission you will see this error.
Markus
"Smellyfrog" <yannick at smellyfrog.com> wrote in message
news:1137158596.328672.19980 at g49g2000cwa.googlegroups.com...
> OK, it's getting sad. I'm replying to my own posts. ;o) What was wrong
> was the way the Keytab had been generated. I asked our admin to
> regenerate it but this time following exactly Achim's way. So now I
> have a ticket for the HTTP service being generated in my XP Client.
>
> In apache though I have the following:
> [Fri Jan 13 12:57:16 2006] [info] Initial (No.1) HTTPS request received
> for child 0 (server GTCI2736VM.bgt.banta.com:443)
> [Fri Jan 13 12:57:16 2006] [debug] src/mod_auth_kerb.c(1326): [client
> 172.24.25.100] kerb_authenticate_user entered with user (NULL) and
> auth_type Kerberos
> [Fri Jan 13 12:57:16 2006] [debug] src/mod_auth_kerb.c(1023): [client
> 172.24.25.100] Acquiring creds for HTTP/gtci2736vm at BGT.BANTA.COM
> [Fri Jan 13 12:57:16 2006] [error] [client 172.24.25.100]
> gss_acquire_cred() failed: Miscellaneous failure (Permission denied)
>
> SO any idea on why I have a failure with permission denied is more than
> welcome.
>
> Thanks
> Yannick
>
More information about the Kerberos
mailing list