[30322] in Kerberos
Multiple Realms in Apache mod_auth_kerb
daemon@ATHENA.MIT.EDU (Reto Schubnell)
Thu Sep 25 13:31:50 2008
Message-ID: <BAY142-W6E9B6DCB987AEFC2AB47CF8440@phx.gbl>
From: Reto Schubnell <reto_schubnell@hotmail.com>
To: <kerberos@mit.edu>
Date: Thu, 25 Sep 2008 13:23:19 +0000
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Hello
I have a problem to get my apache to work with 2 Domains test1 and test2 with kerberos The Site should be accessible by users in both domains. Is there a trust needed between the domains ? ( I can't do a trust between the domains for securiy reasons )
What steps are needed to get this work ?
kerberos.conf in apache
<Directory />
Options FollowSymLinks
AllowOverride None
AuthType Kerberos
AuthName "Kerberos Login"
KrbMethodNegotiate On
KrbMethodK5Passwd Off
KrbAuthoritative On
KrbVerifyKDC On
KrbAuthRealms TEST1.LOCAL TEST2.LOCAL
Krb5KeyTab /etc/apache2/test.keytab
require valid-user
</Directory>
krb5.conf
[realms]
TEST1.LOCAL = {
kdc = kdc.test1.local
admin_server = kdc.test1.local
}
TEST2.LOCAL = {
kdc = kdc.test2.local
admin_server = kdc.test2.local
}
_________________________________________________________________
Connect to the next generation of MSN Messenger
http://imagine-msn.com/messenger/launch80/default.aspx?locale=en-us&source=wlmailtagline
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
