Thanks you all for your help, I eventually managed to make it work. What was wrong in my config: - The keytab had not been generated exactly like it was describe in Achim's guide (http://www.grolmsnet.de/kerbtut/ ). Solution: regenerate the keytab using EXACTLY the settings described by Achim in the section 6 of his guide.
- After installing the keytab on my web server using ktutil, the generated keytab file was not accessible to the user owning the apache process. I had the following error: gss_acquire_cred() failed: Miscellaneous failure (Permission denied) Solution: chmod the kerberos keytab file and grant RW access to the apache user. - After these changes, I still didn't have a successful authentication. The ticket was being acquired for HTTP/[EMAIL PROTECTED] instead of HTTP/[EMAIL PROTECTED] Solution: Change the /etc/hosts file so that the entry in that file that read: 172.24.25.130 gtci2736vm gtci2736vm.bgt.banta.com becomes: 172.24.25.130 gtci2736vm.bgt.banta.com gtci2736vm At this stage, the authentication works using a non secure connection. I'm going to try with the secure one. Thanks again all for your help (Achim and Markus in particular). Yannick ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
