Hi Thomas,
I'm not certain which part of my config you're referring to. I'm
deploying my own WebAuth service, as opposed to using Stanford's setup,
if that's a source of confusion.
Once I manually created the keyring for WebKDC as Russ Allbery suggested
everything ended up working correctly.
Tha
Hi Derek,
It looks like your config file isn't pointing to the correction location
if you want to use Stanford's webauth service.
Read through this http://webauth.stanford.edu/install-stanford.html
which gives you the settings.
Check the webauth-status configuration to help troubleshoot too.
Yup that appears to have worked. I (incorrectly) assumed that the 2d
meant it would be valid for 2 days, not become valid in 2 days.
It looks like I now have a redirect loop in my configs for the page that
a successful login gets redirected to, but that's probably not related
to webauth.
Thanks
Derek Gonyeo writes:
> I'm from the Computer Science House at RIT, and I'm working on deploying
> webauth to a new web server. I've run into this issue where WebKDC
> appears to be not creating its keyring. The specific error I get is:
> webauth_keyring_read: file does not exist (/var/lib/webkdc/
Derek Gonyeo writes:
> I just grabbed webauth-utils, and ran
> wa_keyring -f /var/lib/webkdc/keyring add 2d
> chmod 660 /var/lib/webkdc/keyring
> chown root:www-data /var/lib/webkdc/keyring
You've added a key which isn't yet valid (won't be valid for two days).
So...
> and now the webauth logs
I just grabbed webauth-utils, and ran
wa_keyring -f /var/lib/webkdc/keyring add 2d
chmod 660 /var/lib/webkdc/keyring
chown root:www-data /var/lib/webkdc/keyring
and now the webauth logs are giving me:
mod_fcgid: stderr: WebKDC::make_request_token_request failed with
unrecoverable error occured. Tr
I do intend to fully replace the other server, so I'll need my own
webkdc. wa_keyring also doesn't appear to have been installed with the
libapache2-webauth or libapache2-webkdc packages. Should I just build
the webauth source to get it?
I do have webkdc.load in /etc/apache2/mods-enabled/, and the
On Fri, 2015-07-31 at 11:11 -0700, Derek Gonyeo wrote:
> Hi,
>
> First of all, sorry if this isn't the right place to send something like
> this.
>
> I'm from the Computer Science House at RIT, and I'm working on deploying
> webauth to a new web server. I've run into this issue where WebKDC
> app
