Fedora2/Apache2 and Key Version Error

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Fedora2/Apache2 and Key Version Error

Jose M. Fernandez A.
Hello myu friend, i wan t to know if you resolve this problem:
kerb_authenticate_user entered with user (NULL) and auth_type Kerberos kerb_authenticate_user entered with user (NULL) and auth_type Kerberos Acquiring creds for HTTP/fqdn.domain.com at REALM <https://mailman.mit.edu/mailman/listinfo/kerberos> Verifying client data using KRB5 GSS-API Verification returned code 589824 Warning: received token seems to be NTLM, which isn't supported... gss_accept_sec_context() failed: A token was invalid (Token header is malformed or corrupt) kerb_authenticate_user entered with user (NULL) and auth_type Kerberos kerb_authenticate_user_krb5pwd ret=0 user=username at REALM <https://mailman.mit.edu/mailman/listinfo/kerberos> authtype=Basic



If, you can help, please i will be very gracefull

Thanks



________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos
Reply | Threaded
Open this post in threaded view
|

Re: Fedora2/Apache2 and Key Version Error

Markus Moeller
Jose,

If I understand you right  you are using Apache2 with mod_auth_gssapi_krb5
or similar and receive a NTLM token from IE, which can't be handled by the
underlying Kerberos libraries.
You should make sure that:

1) You have IE configured to use windows integrated authentication (see
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsecure/html/http-sso-1.asp)
2) Have a keytab with a HTTP/servername on the Apache2 server
3) check with kerbtray that your client gets the HTTP/servername service
ticket

Regards
Markus


""Jose M. Fernandez A."" <[hidden email]> wrote in message
news:[hidden email]...

> Hello myu friend, i wan t to know if you resolve this problem:
> kerb_authenticate_user entered with user (NULL) and auth_type Kerberos
> kerb_authenticate_user entered with user (NULL) and auth_type Kerberos
> Acquiring creds for HTTP/fqdn.domain.com at REALM
> <https://mailman.mit.edu/mailman/listinfo/kerberos> Verifying client data
> using KRB5 GSS-API Verification returned code 589824 Warning: received
> token seems to be NTLM, which isn't supported... gss_accept_sec_context()
> failed: A token was invalid (Token header is malformed or corrupt)
> kerb_authenticate_user entered with user (NULL) and auth_type Kerberos
> kerb_authenticate_user_krb5pwd ret=0 user=username at REALM
> <https://mailman.mit.edu/mailman/listinfo/kerberos> authtype=Basic
>
>
>
> If, you can help, please i will be very gracefull
>
> Thanks
>
>
>
> ________________________________________________
> Kerberos mailing list           [hidden email]
> https://mailman.mit.edu/mailman/listinfo/kerberos
>


________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos