Obviously, rule out that you have permissions to write to wherever this perl mod wants to put it's tickets... but... another possibility is that this is similar to the problem I ran into when I was trying to use Kerberos from within a system service not associated with a login.
Apple uses a specialized API for storing tickets which does not write the cache to disk, but instead communicates with a Credentials cache server. This cache server is associated with each user on login. When running an application as a service or a daemon, there is no CC Server for it to talk to, so you need to use some "other" method to store your ticket. For me, this meant using the C kerberos API to create a cache file of: MEMORY:whatever. You may be able to just use the environment variables for this... not sure. The syntax for the environment variables is as follows: FILE:/tmp/whatever MEMORY:whatever API:whatever Apple, by default, uses API:whatever and this is possibly your problem. Try setting the environment variable KRB5CCNAME=FILE:/tmp/ whatever - if this doesn't work, try going a little lower and using your perl equivilent to krb5_cc_resolve and friends to set it up within your program. On Dec 6, 2006, at 2:58 PM, Dennis Putnam wrote: > I am writing a perl script that uses the Authen:Krb5 module. The > script is simply trying to obtain an initial ticket. The problem > arises when I try to run the script from a PHP page. The script fails > with the call that initializes the ccache ($cc->initialize > ($pclient)). The error, according to the author of Authen::Krb5, > indicates that the ccache cannot be written due to a permissions > problem. > > Is someone here familiar enough with the API thing that Apple uses in > its implementation to suggest a plan of action for debugging this? > > Thanks. > ________________________________________________ > Kerberos mailing list [email protected] > https://mailman.mit.edu/mailman/listinfo/kerberos ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
