This is a discussion on Re: gss_accept_sec_context fails intermittently - Kerberos ; No to try and rain on your parade but... Wouldn't it be easier to use the standard mod_auth_kerb lib and write an apple only directory service apache module (if it doesn't already exist), and set up the auth kerb as ...
No to try and rain on your parade but...
Wouldn't it be easier to use the standard mod_auth_kerb lib and write an
apple only directory service apache module (if it doesn't already
exist), and set up the auth kerb as non-authoritative?
On Mon, 2008-01-21 at 10:55 -0700, Nathan Mellis wrote:
> I am writing a module for Apache that does Kerberos authentication as
> well as providing Basic authentication as a fallback and authorization
> via Apple's Directory Services. I have followed both Apple's sample
> code and the code from mod_auth_kerb and think I've got my mind
> wrapped around the whole process. I am running into a problem though
> where gss_accept_sec_context will sometimes return properly and let
> everything go through. Other times it will return with a major error
> of "851968" (Unexpected error) and a minor error of "0" (No error).
> Needless to say, this has me somewhat stumped. Does anyone know where
> else I can look to see what exactly it is not liking on the times that
> it fails?
> Thanks in advance!
> Nathan Mellis
> Application Developer
> Mission Aviation Fellowship
> Kerberos mailing list Kerberos@mit.edu