Accepting security contexts, and how to get good debugging information?

Robbie Harwood rharwood at
Fri Sep 2 15:50:51 EDT 2016

Dylan Klomparens <dylan.klomparens at> writes:

> I am writing a module for Apache HTTPD. The prototype module code is on
> GitHub:

If this is for anything other than your own learning, you may wish to
use the (already packaged in all distros) mod_auth_gssapi instead:

> I have a test setup to compare with, running mod_auth_kerb. Using that
> testbed, Kerberized access to the test web page works properly. This
> leaves me relatively certain that my keytab is valid and my browser is
> sending credentials properly.

I'd check that you're decoding the tokens properly and passing them in
to accept_sec_context in the expected way.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 818 bytes
Desc: not available
Url :

More information about the krbdev mailing list