On Thu, 05 Oct 2006 11:10:27 -0700 Russ Allbery <[EMAIL PROTECTED]> wrote:
> Michael B Allen <[EMAIL PROTECTED]> writes: > > Russ Allbery <[EMAIL PROTECTED]> wrote: > > >> mod_auth_kerb can (via BasicAuth), but you need to have the passwords > >> in some Kerberos database. It doesn't help if they're only in LDAP. > > > I'm a little confused by this statement. If mod_auth_kerb uses > > krb5_get_init_creds_password it shouldn't care where passwords are. > > It only does Kerberos authentication. If the passwords are stored as > encrypted hashes in an LDAP directory server (which is what people > normally mean when they talk about "LDAP authentication"), it doesn't > help. Actually I think mod_auth_ldap just uses ldap_bind functions to "authenticate" so the passwords "stored as encrypted hashes" part still confuses me a little. But you're right. I see now that the OP was asking about Basic for users NOT in AD so it doesn't sound like he would be able to use mod_auth_kerb. Mike -- Michael B Allen PHP Active Directory SSO http://www.ioplex.com/ ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
