Hi, On Wed, 2010-10-20 at 12:27 +0200, Assarsson, Emil wrote: > Hi all, > > I use mod_authnz_ldap today with simple ldap bind. > Our security team wants me to use to use Kerberos instead to make it more > secure. > This will allow them to specify from where the service account can login and > will also protect the credentials from eavesdropping. > > Is it possible to make mod_authnz_ldap to use a keytab instead? > Or do anyone have a suggestion how to solve this in a even better way?
mod_auth_kerb: http://modauthkerb.sourceforge.net/ Complex but does work, even with Active Directory. > > Best regards > > Emil Assarsson > Sony Ericsson Mobile Communications AB > > "The information in this email, and attachment(s) thereto, is strictly > confidential and may be legally privileged. It is intended solely for the > named recipient(s), and access to this e-mail, or any attachment(s) thereto, > by anyone else is unauthorized. Violations hereof may result in legal > actions. Any attachment(s) to this e-mail has been checked for viruses, but > please rely on your own virus-checker and procedures. If you contact us by > e-mail, we will store your name and address to facilitate communications in > the matter concerned. If you do not consent to us storing your name and > address for above stated purpose, please notify the sender promptly. Also, if > you are not the intended recipient please inform the sender by replying to > this transmission, and delete the e-mail, its attachment(s), and any copies > of it without, disclosing it." > > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > > ______________________________________________________________________ > This email has been scanned by the MessageLabs Email Security System. > For more information please visit http://www.messagelabs.com/email > ______________________________________________________________________ -- Best Regards, Brett Delle Grazie ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
