[19324] in Kerberos
authenticating arbitrary service via web auth...
daemon@ATHENA.MIT.EDU (Karl Pitrich)
Wed May 28 05:26:37 2003
From: Karl Pitrich <karl.pitrich@fabasoft.com>
To: kerberos@mit.edu
Message-Id: <1054113966.954.211.camel@warp.fabafsc.fabagl.fabasoft.com>
Mime-Version: 1.0
Date: 28 May 2003 11:26:06 +0200
Content-Type: multipart/mixed; boundary="===============5739857926856804=="
Errors-To: kerberos-bounces@mit.edu
--===============5739857926856804==
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="=-hnYZAlDPk8n/bi09basy"
--=-hnYZAlDPk8n/bi09basy
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
hi all,
following scenario:
web browser -> http server/CGI -> CGI-application using kerberos to=20
connect to proprietary RPC on port x.
the RPC service is hosted in s2k and linux.
on w2k, i added a user to the activedirectory and used
ktpass --princ RPCSERVICE@REALM -mapuser RPCUSR .. etc.
to create a keytab which i imported in my local keytab.
this works, as long as i kinit the machine and user running the http
server. (not apache, btw.)
how would be te simplest/sanest way to authenticate such a setup
via the WWW-Auth entered by the user at the browser?
(i just dont get it how mod_auth_krb does this on apache)
is it always necessary to get a ticket?
what would be the correct way to grant using a service via a http/cgi
server to several users within a kerberos realm?
=20
manyTIA,
karl
--=-hnYZAlDPk8n/bi09basy
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQA+1ICuhjEylB2OKukRApGQAKCuiSCuBdm+5OPzDLzFtQOx5HgltgCgsVHr
dlZbn8EQOJSV4kXDUI8lEFM=
=tKxI
-----END PGP SIGNATURE-----
--=-hnYZAlDPk8n/bi09basy--
--===============5739857926856804==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
--===============5739857926856804==--
