krb5 Apache and navigators
Jean-Christophe Gay
jean-christophe.gay at dauphine.fr
Mon Sep 2 05:05:13 EDT 2013
Hi,
we have a little apache server linked to a KDC. This webserver display
one web site (krb5test) with a single "Hello World" page. We add the
following .htaccess in the krb5test directory :
AuthName "Kerberos Login"
AuthType Kerberos
KrbMethodNegotiate on
KrbMethodK5Passwd off
KrbAuthoritative on
KrbAuthRealms EXAMPLE.COM
KrbVerifyKDC on
KrbServiceName HTTP/web.example.com at EXAMPLE.COM
Krb5KeyTab /etc/http.keytab
KrbSaveCredentials off
require valid-user
KDC and keytabs are well configured and if user got a TGT everything is
working as intended. The problem is when a user do not have a ticket.
Using some navigators on some OS, a popup windows arise and ask for
credentials, then do nothing with them and then display the error page.
We'd like to get rid of that popup windows, is that possible ?
system : REHL 6
mod_auth_kerb installed, active and loaded
Thanks for any help,
--
Jean-Christophe Gay -- Université Paris Dauphine
Responsable de la Sécurité des Systèmes d'Information
Tel : 01 44 05 45 04
jean-christophe.gay at dauphine.fr
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20130902/48335cba/attachment.bin
More information about the Kerberos
mailing list