mod_auth_kerb: gss_accept_sec_context() failed
Michael Ströder
michael at stroeder.com
Fri Jan 16 14:58:25 EST 2009
HI!
I'm trying to test mod_auth_kerb-5.4 built with MIT libs 1.6.3 for
SPNEGO/Kerberos working with MS AD W2K3SP1. My ultimate goal is to
receive a forwardable ticket (env var KRB5CCNAME) and use that for LDAP
SASL/GSSAPI bind to AD. The service account in AD is AFAICS properly
initialized.
The web browser is Seamonkey and it already sends the
Authorization: Negotiate YIIE0AYGKwYBBQ[..]
in the HTTP request.
But it does not work. I don't get authorized HTTP access.
In Apache's error_log I find:
gss_accept_sec_context() failed: Unspecified GSS failure. Minor
code may provide more information (, Decrypt integrity check failed)
Any clue here? Many thanks in advance.
Ciao, Michael.
More information about the Kerberos
mailing list