Accepting security contexts, and how to get good debugging information?
Robbie Harwood
rharwood at redhat.com
Fri Sep 2 15:50:51 EDT 2016
Dylan Klomparens <dylan.klomparens at gmail.com> writes:
> I am writing a module for Apache HTTPD. The prototype module code is on
> GitHub:
>
> https://github.com/dylan-klomparens/mod_kerberos/blob/master/mod_kerberos.c
If this is for anything other than your own learning, you may wish to
use the (already packaged in all distros) mod_auth_gssapi instead:
https://github.com/modauthgssapi/mod_auth_gssapi
> I have a test setup to compare with, running mod_auth_kerb. Using that
> testbed, Kerberized access to the test web page works properly. This
> leaves me relatively certain that my keytab is valid and my browser is
> sending credentials properly.
I'd check that you're decoding the tokens properly and passing them in
to accept_sec_context in the expected way.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 818 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20160902/2ab091a7/attachment.bin
More information about the krbdev
mailing list