integrating ldap & krb5 for Apache auth -- which comes first?
pgnet trash
pgnet.trash at gmail.com
Thu Aug 21 16:55:54 EDT 2008
i'm integrating apache + kerberos5 + openldap, with the goal of using
kerberos credentials to authenticate web app access.
krb5 & openldap are both up-n-running standalone, as is apache.
for apache auth, i've read through the OpenLdap & Krb5 SysAdm guides and,
iiuc, i can either
(a) use mod_auth_ldap for auth, with ldap pointed at a krb5 keytab
containing authorized principals' credentials,
or,
(b) use mod_auth_krb5 for auth, with ldap setup as krb5's backend db, e.g.,
dbmodule:db_library = kldap
if, in fact, both are options, which usage is recommended?
More information about the Kerberos
mailing list