493: Undecipherable

-Blog-

-Projects-

-About me-

-RSS-

Apache with Kerberos authentification

Dennis Guse

Special thanks to the guys who invented mod_auth_kerb. I removed the PAM authentification modules, which I only used as wrapper to get Kerberos auth through PAM and replaced it with mod_auth_kerb. Here is the small configuration:

1
2
3
4
5
6
7
 Krb5Keytab /etc/apache2/krb5.keytab
 KrbAuthRealms G00SE.ORG
 KrbServiceName HTTP
 <Directory / >
  AuthType Kerberos
   Require valid-user
 </Directory>

That’s all! Cool.

The Firefox bundled into my OpenSUSE 10.3 does already contain all necessary configurations. I only needed to add g00se.org *to *network.negotiate-auth.trusted-uris in about:config. So he does accept the offer to do GSSAPI authentification with these URIS. And that’s pretty cool.

At least I need to figure a way to get my M$ system use such cool stuff.