Richard A Nelson <[EMAIL PROTECTED]> writes:
> I just ran into this again, whilst setting up a new server :(
>
> Are there complications with this, or is it just still fairly
> low on the list ?
>
> I'm very surprised that this hasn't been reported more often - there
> must be very little kerberos
On Fri, 21 Dec 2007, Russ Allbery wrote:
Oh, okay. So you're typing in something that looks like a fully qualified
principal and mod_auth_kerb is rejecting it rather than bailing on it even
though you're telling it to do fall-through.
Exactly
Yeah, that sounds like a simple and fixable bug
On Fri, 21 Dec 2007, Russ Allbery wrote:
Oh, okay. So you're typing in something that looks like a fully qualified
principal and mod_auth_kerb is rejecting it rather than bailing on it even
though you're telling it to do fall-through.
Yes, that is exactly the issue I am stuck with - sorry mak
On Fri, 21 Dec 2007, Russ Allbery wrote:
Richard A Nelson <[EMAIL PROTECTED]> writes:
Not quite... my browser is capable of SPNEGO, but did not have a ticket
Therefore, the browser<->server auth should've been in basic mode.
Oh, okay, then yes, that should work.
Then I have a chance :)
m
Richard A Nelson <[EMAIL PROTECTED]> writes:
> On Fri, 21 Dec 2007, Russ Allbery wrote:
>> Where is the realm coming from? I think that's the part that confused
>> me. I was assuming that you were doing SPNEGO, since that would then
>> authenticate as a fully-qualified principal, but if you're d
On Fri, 21 Dec 2007, Russ Allbery wrote:
I'm afraid that you're probably running into a fundamental limitation in
the HTTP protocol here. I don't think it's possible to do what you want.
I'm not sure, let me add a little more info
The problem is that HTTP doesn't have a full-fledged SASL im
Richard A Nelson <[EMAIL PROTECTED]> writes:
> Not quite... my browser is capable of SPNEGO, but did not have a ticket
> Therefore, the browser<->server auth should've been in basic mode.
Oh, okay, then yes, that should work.
> mod-auth-kerb, however failed the request since the realm wasn't on
Richard A Nelson <[EMAIL PROTECTED]> writes:
> Here is a fragment of what I was attempting to accomplish:
> AuthType Basic
> AuthName "w3"
> AuthBasicProvider ldap file
> AuthUserFile /etc/apache2/htpasswd
> AuthzLDAPAuthoritative off
> AuthLDAPURL l
Package: libapache2-mod-auth-kerb
Version: 5.3-1.3
Severity: important
Here is a fragment of what I was attempting to accomplish:
AuthType Basic
AuthName "w3"
AuthBasicProvider ldap file
AuthUserFile /etc/apache2/htpasswd
AuthzLDAPAuthoritative off
A
9 matches
Mail list logo
