httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Friedrich Locke <friedrich.lo...@gmail.com>
Subject [users@httpd] i am losing my hairs
Date Thu, 07 Jul 2011 14:08:58 GMT
Hi folks,

i am trying to get my users authenticated via kerberos password
(NotGSSAPI, i.e., ticket exchange).
But i cannot and the strange is that i can connect to my web server
byproviding my kerberos password and by GSSAPI (ticket exchange).
I don't know where my error is. When i try to access my web server, a
window login is showed asking for the login as also the password. I
provide it and the authentication window appears again and again ...ad
infinitum.

Here is my configuration (only relevant part from httpd.conf)

       AuthType Kerberos
       AuthName "Kerberos Login"
       KrbMethodNegotiate off
       KrbMethodK5Passwd on
#       KrbMethodK4Passwd off
       KrbAuthoritative on
       KrbAuthRealms UFV.BR
       KrbVerifyKDC off
       KrbServiceName HTTP/gustav.cpd.ufv.br@UFV.BR
#       Krb4Srvtab ///
       Krb5Keytab /var/www/conf/http.keytab
       KrbSaveCredentials off
       require valid-user

Here it is the log (logs/error_log):

[Thu Jul  7 10:48:43 2011] [debug] src/mod_auth_kerb.c(0):
[client200.235.177.58] kerb_authenticate_user entered with user (NULL)
and auth_type Kerberos
[Thu Jul  7 10:48:48 2011] [debug] src/mod_auth_kerb.c(0):
[client200.235.177.58] kerb_authenticate_user entered with user (NULL)
and auth_type Kerberos
[Thu Jul  7 10:48:48 2011] [debug] src/mod_auth_kerb.c(0): [client
200.235.177.58] Using HTTP/gustav.cpd.ufv.br@UFV.BR as server
principal for password verification
[Thu Jul  7 10:48:48 2011] [debug] src/mod_auth_kerb.c(0): [client
200.235.177.58] Trying to get TGT for user sioux@UFV.BR [Thu Jul  7
10:48:48 2011] [error] [client 200.235.177.58]
krb5_get_init_creds_password() failed: Cannot contact any KDC for
requested realm [Thu Jul  7 10:48:48 2011] [debug]
src/mod_auth_kerb.c(0): [client 200.235.177.58]
kerb_authenticate_user_krb5pwd ret=401 user=(NULL) authtype=(NULL)

Again, my /etc/KerberosV/* configuration is working 100% for ssh, ftp, etc ....

Thanks in advance.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message