You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Asmaa Ahmed <as...@hotmail.com> on 2013/02/02 16:05:35 UTC

[users@httpd] Apache-kerberos connection

Hello,
I am trying to use mod_auth_kerb in apache to get kerberos authentication for my LDAP accounts, but still can't get it works!Here is my configuration:
       <Directory /usr/share/davical/htdocs/>         AuthType Kerberos         AuthName "Calendar Login"         AllowOverride None         Order allow,deny         Allow from all         Require valid-user         KrbLocalUserMapping on        </Directory>
When open the page, it asks for the login authentication, but even after giving it a valid one from my kerberos principals keep repeating the same request (asking for user & password) without getting my page!I don't know what is missing here, but here is my debug logs from the LDAP/Kerberos server while using "aahmed" account to login.
Feb  3 01:25:45 ldap slapd[1059]: conn=1366 op=1082 SRCH base="cn=DOMAIN.COM,ou=krb5,dc=domain,dc=com" scope=2 deref=0 filter="(&(|(objectClass=krbPrincipalAux)(objectClass=krbPrincipal))(krbPrincipalName=aahmed@DOMAIN.COM))"Feb  3 01:25:45 ldap slapd[1059]: conn=1366 op=1082 SRCH attr=krbprincipalname krbcanonicalname objectclass krbprincipalkey krbmaxrenewableage krbmaxticketlife krbticketflags krbprincipalexpiration krbticketpolicyreference krbUpEnabled krbpwdpolicyreference krbpasswordexpiration krbLastFailedAuth krbLoginFailedCount krbLastSuccessfulAuth krbLastPwdChange krbExtraData krbObjectReferences krbAllowedToDelegateToFeb  3 01:25:45 ldap slapd[1059]: conn=1366 op=1082 SEARCH RESULT tag=101 err=0 nentries=1 text=
Thanks.