Apache with Kerberos authentification
Dennis GuseSpecial thanks to the guys who invented modauthkerb. I removed the PAM authentification modules, which I only used as wrapper to get Kerberos auth through PAM and replaced it with modauthkerb. Here is the small configuration:
1 Krb5Keytab /etc/apache2/krb5.keytab
2 KrbAuthRealms G00SE.ORG
3 KrbServiceName HTTP
4 <Directory / >
5 AuthType Kerberos
6 Require valid-user
7 </Directory>That's all! Cool.
The Firefox bundled into my OpenSUSE 10.3 does already contain all necessary configurations. I only needed to add g00se.org *to *network.negotiate-auth.trusted-uris in about:config. So he does accept the offer to do GSSAPI authentification with these URIS. And that's pretty cool.
At least I need to figure a way to get my M$ system use such cool stuff.