[Cialug] apache2 authentication with Windows PDC
Christopher R. Rhodes
arreyder at apache.org
Thu Dec 2 13:54:10 CST 2010
>
> +1 on the Kerberos authentication. It works great for me at work and
> if you're using IE as the browser you won't even have to enter a
> username/password.
>
> The only issue that I have had is that I needed to make sure that my
> Kerberos service principal used the fully qualified hostname of the
> server rather than whatever hostname the web site was using (which
> could be different depending on if you are using virtual hosts). The
> only other thing that Kerberos authentication won't do for you is to
> limit access to groups of AD users.
>
Works in Firefox and Safari as well with minor adjustments.
Examples here:
http://www.helpdesk.umd.edu/topics/applications/kerberos/4782/
(even works on a properly configured for krb linux box with a kerberos ticket already obtained from a kinit user at REALM)
crr
arreyder at apache.org
chris at ia.gov
More information about the Cialug
mailing list