On Wednesday 13 July 2005 16:17, Chris Kuethe wrote:
> You don't need that. Just set KRB5_LDFLAGS and KRB5_CPPFLAGS properly
> when you run configure. I have a port made up, but I'm just waiting
> for the author to produce a release instead of another release
> candidate. I've been running this in production for the best part of a
> year and it's been pretty solid.
Thanks a lot. It works fine.
Now I'm stuck with a keytab problem.
Here's what I've done on the apache server:
# kadmin
kadmin> add --random-key HTTP/[EMAIL PROTECTED]
Max ticket life [1 day]:
Max renewable life [1 week]:
Principal expiration time [never]:
Password expiration time [never]:
Attributes []:
kadmin> ext -k /var/www/conf/httpd.keytab HTTP/[EMAIL PROTECTED]
kadmin> quit
# chown www:www /var/www/conf/httpd.keytab
Here's an exerpt of /var/www/conf/httpd.conf
<Directory "/var/www/htdocs/manual">
Options MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Here's my /var/www/htdocs/manual/.htaccess
AuthType Kerberos
AuthName "Kerberos Login"
KrbAuthRealms STARS.NET
KrbServiceName HTTP
Krb5Keytab /var/www/conf/httpd.keytab
#KrbMethodK4Passwd off
Require valid-user
Now when I point a browser to http://polaris.stars.net/manual and
enter a valid user/password I have an 'Authorization Required' error.
My /var/www/logs/error_log contains
[Thu Jul 14 02:11:13 2005] [error] [client 192.168.0.200] failed to verify
krb5 credentials: Key table entry not found
Any tip?
Regards,
Thierry.
