httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ondrej Valousek <Ondrej.Valou...@s3group.com>
Subject [users@httpd] mod_auth_kerb (AKA run a CGI script upon every page visit) question
Date Tue, 23 Feb 2016 13:40:08 GMT
Hi List,

I have an unusual question regarding module mod_auth_kerb:
I would like to use it's "KrbSaveCredentials" function - but the problem is, that it only
seems to work for CGI/PHP scripts.

I would like to get it working so that Kerberos Cache is being saved _before_ Apache even
tries to read a script/page from the filesystem.

Scenario:
Some web pages reside on a filesystem mounted via NFS with Kerberos enabled (mount -o sec=krb5
filer:/www/html /var/www).
That means Apache daemon can not access the filesystem unless a proper KRB5 cache is feeded.

Thinking about two options:

1.       Hack mod_auth_kerb that once user is successfully authenticated, immediately store
Kerberos credentials and then look for the file/script the remote user is asking for

2.       Run some dummy CGI script on background on every page user ask for - this way I would
possibly achieve the same.

Can you help me someone. Looks like a trivial task, but I do not know how to achieve that.
Thanks,

Ondrej

-----

The information contained in this e-mail and in any attachments is confidential and is designated
solely for the attention of the intended recipient(s). If you are not an intended recipient,
you must not use, disclose, copy, distribute or retain this e-mail or any part thereof. If
you have received this e-mail in error, please notify the sender by return e-mail and delete
all copies of this e-mail from your computer system(s). Please direct any additional queries
to: communications@s3group.com. Thank You. Silicon and Software Systems Limited (S3 Group).
Registered in Ireland no. 378073. Registered Office: South County Business Park, Leopardstown,
Dublin 18.

Mime
View raw message