Accepting security contexts, and how to get good debugging information?

Dylan Klomparens dylan.klomparens at
Fri Sep 2 15:15:50 EDT 2016


I am writing a module for Apache HTTPD. The prototype module code is on

Its purpose is to authenticate a user with a Kerberos service ticket.
gss_accept_sec_context returns an error and I'm not sure why. After many
web searches and additional debugging, I've been unable to find additional
information about the nature of the error. Hopefully someone on this
listserv might be able to shed some light on the problem? The error message

Unspecified GSS failure. Minor code may provide more information

No minor error code information is returned upon checking it with

I have a test setup to compare with, running mod_auth_kerb. Using that
testbed, Kerberized access to the test web page works properly. This leaves
me relatively certain that my keytab is valid and my browser is sending
credentials properly.

How can I correct the inputs to gss_accept_sec_context to properly verify
the user's service ticket? Is there a way to obtain more detailed error
information from GSSAPI?

-- Dylan Klomparens

More information about the krbdev mailing list