Quick-n-easy question: I have my apache virtual host configured to use
kerberos authentication:
<Location />
AuthType KerberosV5
KrbAuthRealms DOMAIN.COM
KrbServiceName HTTP
Krb5Keytab /etc/apache2/krb5.keytab
KrbMethodNegotiate on
KrbMethodK5Passwd on
KrbAuthoritative off
KrbSaveCredentials on
Require valid-user
</Location>
And then I created the following test page:
<html>
<head>
<title>PHP Test</title>
</head>
<body>
<h1>PHP Kerberos Test</h1>
<?php
echo "user = {$_SERVER['PHP_AUTH_USER']}<br/>";
echo "REMOTE_USER={$_SERVER['REMOTE_USER']}<br/>";
putenv("KRB5CCNAME={$_SERVER['KRB5CCNAME']}");
echo "KRB5CCNAME={$_SERVER['KRB5CCNAME']}<br/>";
exit();
?>
</body>
</html>
And I have mod_auth_kerb php5 modules enabled in apache. When I try to
connect to the above test page using a kerberos ticket, I do see the
PHP_AUTH_USER and REMOTE_USER (which are the same). But I get nothing
in KRB5CCNAME. Now, if I destory my kerberos ticket and login using
kerberos user/pw, At first I do get the filename associated with
KRB5CCNAME. But, if I wait less than 15s to refresh the page, I get
nothing for KRB5CCNAME; if I wait more than 15s, I will get the
filename for KRB5CCNAME.
Does anyone know what I may be doing wrong?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
