[Freeipa-users] login with kerberos on a webserver, just like with the ipa interface.
Han Boetes
hboetes at gmail.com
Thu Dec 20 15:38:40 UTC 2012
Hi,
I followed http://freeipa.org/page/Apache_SNI_With_Kerberos to enable login
in to a webserver with kerberos tickets. I followed everything to the
letter and all looks well.
I can log in with a username and password, but when I set the httpd.conf
entry to
KrbMethodK5Passwd off
I can't log in. What works great with the ipa admin interface does not work
with this recipe.
I even compared it to /etc/httpd/conf.d/ipa.conf and added the
KrbAuthRealms setting but to no avail.
Adding KrbConstrainedDelegation on does not work alas. Although I am
using centos 6.3
I checked the http logfiles and the /var/log/krb5kdc.log, everything else
on that host works fine. I can log in without a password and sudo -s works
like it should.
Please help me debugging this issue. What am I missing?
# Han
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20121220/378769b9/attachment.htm>
More information about the Freeipa-users
mailing list