Hi All:I have a question about whether mod_proxy can do Negotiate authentication to a remote site using the credentials "saved" via:
KrbSaveCredentials ondirective in mod_auth_kerb. I'm not looking to pass-through any Authorization header supplied by the client.
Specifically, the user authentication to the first server should NOT be via Negotiate, but via a "basic" user/password validated by mod_auth_kerb via KrbMethodK5Passwd password based authentication in mod_auth_kerb.
user -> server1 : authenticate using user/password , save credentials in KRB5CCNAME ticket cache server1 -> server2: authenticate using Negotiate / GSSAPI using saved credentials
Is this possible?Secondly, when using KrbMethodK5Passwd and KrbSaveCredentials, is it possible to cache the ticket cache? Or does it do a kinit every time?
-- Thanks a bunch, David Mansfield Cobite, INC --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|