Anyone has an apache running with mod_auth_kerb AND mod_auth_ldap?
Michael B Allen
mba2000 at ioplex.com
Thu Oct 5 11:09:12 EDT 2006
On Thu, 5 Oct 2006 08:03:51 +0200
"Djihangiroff, Matthias (KC-DD)" <Matthias.Djihangiroff at persona.de> wrote:
> Hello,
>
> Anyone out there whos running an Apache with mod_auth_kerb and
> mod_auth_ldap?
> Im running an Apache with mod_auth_kerb perfectly.
>
> But we have users, which arent in our Windows AD, so they cant load the
> websites protected through mod_auth_kerb.
> Is it possible to fall back to mod_auth_ldap, so they can manualy type
> in their login? (The Apache than check the user against the LDAP).
I don't know the answer to this (my understanding is that trying to
stack mod_auth_* modules together is not practical) but I just want to
point out that you can use krb5_get_init_creds_password to do Basic so
there's no reason to use LDAP at all. In fact using LDAP as a make-shift
authentication service is crude and insecure. Wether or not mod_auth_kerb
can do it I have no idea.
Mike
--
Michael B Allen
PHP Active Directory SSO
http://www.ioplex.com/
More information about the Kerberos
mailing list