LUISRAMOS wrote: > We have a unix web server with Apache were we installed kerberos to > implement single sign on.
I guess you're using mod_auth_kerb? > The idea with this is to have the ability of > autenticating through the Windows Active Directory once not needing to log > again in the unix box. After the setup, the autentication works. When we > log in to the unix server, a popup window asks for user/pwd. After entering > user/pwd the credentials are autenticated against the windows active > directory and the access to the unix/apache box is granted. However, what > we want is to avoid this login popup. We noticed that when the popup window > is displayed the following message is seeing in the popup: "Warning: This > server is requesting that your username and password be sent in an insecure > manner (basic authentication without a secure connection). Looks like the > internet browser is sending the credentials in plain text to the unix box. > > Anybody has an idea on how we can configure Kerberos, or any other component > to avoid this popup window. Set "KrbMethodK5Passwd off" in httpd.conf. See also: http://modauthkerb.sourceforge.net/configure.html Ciao, Michael. -- Michael Ströder E-Mail: [email protected] http://www.stroeder.com ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
