[30234] in Kerberos
integrating ldap & krb5 for Apache auth -- which comes first?
daemon@ATHENA.MIT.EDU (pgnet trash)
Thu Aug 21 18:34:50 2008
Message-ID: <dbd51810808211355o28e49ed0k2a547d2f364951cf@mail.gmail.com>
Date: Thu, 21 Aug 2008 13:55:54 -0700
From: "pgnet trash" <pgnet.trash@gmail.com>
To: kerberos@mit.edu
MIME-Version: 1.0
Content-Disposition: inline
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
i'm integrating apache + kerberos5 + openldap, with the goal of using
kerberos credentials to authenticate web app access.
krb5 & openldap are both up-n-running standalone, as is apache.
for apache auth, i've read through the OpenLdap & Krb5 SysAdm guides and,
iiuc, i can either
(a) use mod_auth_ldap for auth, with ldap pointed at a krb5 keytab
containing authorized principals' credentials,
or,
(b) use mod_auth_krb5 for auth, with ldap setup as krb5's backend db, e.g.,
dbmodule:db_library = kldap
if, in fact, both are options, which usage is recommended?
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
