Accepting security contexts, and how to get good debugging information?
Dylan Klomparens
dylan.klomparens at gmail.com
Fri Sep 2 15:15:50 EDT 2016
Hello,
I am writing a module for Apache HTTPD. The prototype module code is on
GitHub:
https://github.com/dylan-klomparens/mod_kerberos/blob/master/mod_kerberos.c
Its purpose is to authenticate a user with a Kerberos service ticket.
gss_accept_sec_context returns an error and I'm not sure why. After many
web searches and additional debugging, I've been unable to find additional
information about the nature of the error. Hopefully someone on this
listserv might be able to shed some light on the problem? The error message
reads:
Unspecified GSS failure. Minor code may provide more information
No minor error code information is returned upon checking it with
gss_display_status.
I have a test setup to compare with, running mod_auth_kerb. Using that
testbed, Kerberized access to the test web page works properly. This leaves
me relatively certain that my keytab is valid and my browser is sending
credentials properly.
How can I correct the inputs to gss_accept_sec_context to properly verify
the user's service ticket? Is there a way to obtain more detailed error
information from GSSAPI?
-- Dylan Klomparens
More information about the krbdev
mailing list