How can I make SPNEGO working with mod_auth_kerb?

Question

here is my problem:

Context: kerberos authentication for two kinds of webapps, one using Apache mod_auth_kerb and the other using SPNEGO (GSSAPI) for Tomcat. I use mod_jk for connecting Tomcat to Apache.

Problem: kerberos headers from client Tomcat seem to be modified by Apache, which leads to authentication failures (Mechanism level: Checksum failed).

Question: How can I configure/disable mod_auth_kerb (or mod_jk) for SPNEGO webapps and keep it working for the others? Is there any other solution?

Thank you!

score 0 · Answer 1 · answered Dec 12 '10 at 12:17

0

mod_auth_gss_krb5 might be of useful. Its available in this link http://modgssapache.sourceforge.net/

answered Dec 12 '10 at 12:17

kalyan

3,076
1
22
29

How can I make SPNEGO working with mod_auth_kerb?

1 Answers1