Hello, I have been requested to build a web app for my medium sized organization that currently have Kerberos 5 running on the network. The webapp will require non-technical users to be able to log on remotely through a web browser (IE only is fine but there must not be any other client programs involved) and then be given different privilidges within the app depending on their role.
Being a newbie to kerberos I have done some reading about possible implementation techniques for Kerberos in web apps but have one question I am hoping some of the gurus out there may be able to help with: *Q. Can Kerberos be used to authenticate users and a php script then given access to a users username in order to authorize privilidges??* >From my reading I believe that using the mod_auth_kerb module for Apache in Negotiation mode may be the best bet for my needs but am hoping to confirm whether or not a php script on the same apache server can gain access to the users username in order to ascertain roles from a database, where I am quite happy to duplicate usernames if need be. If this scenario is not possible, can anyone offer suggestions as to a viable method to implement such a web application. Thanks in advance! George ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
