--On Thursday, March 24, 2005 7:23 AM -0800 Ben Poliakoff <[EMAIL PROTECTED]> wrote:
So you are saying essentially, that you want your application to ignore the Kerberos *standard* and do something non-compliant. I don't find that to be a particularly wise assumption to behave upon, myself.
I guess in my attempt at brevity I left out some details. I'm perfectly happy with the krb5 libraries' use of KRB5CCNAME. The single sign on system that I'm using populates $ENV{KRB5CCNAME} with the location of the ticket of the authenticated user.
Perl scripts that run under mod_cgi work fine since they spawn a process and inherit $ENV{KRB5CCNAME}. But when running under *mod_perl* the script is compiled using apache user's environment, so it's stuck looking in the default location for the apache user's ccache.
I was wondering whether anyone on this list has encountered this sort of problem before, and knew of a way to get a script to reevaluate or reset a variable that had been inherited at compile time. This issue is, admittedly, not explicitly tied to perl-ldap. But I thought that it might be a common enough issue for people working with perl-ldap that the members of this list might have some helpful insights.
Ben,
Ah okay, that makes more sense. I've never used mod_perl, myself. I imagine that you would have to hack mod_perl in this case to behave like mod_cgi. It is something I'll need to play with myself, I think, with Stanford's SSO web software (http://webauthv3.stanford.edu) for one of the applications I maintain, since I want to updated it to use the credentials passed in from the server (rather than its own, as it does currently).
--Quanah
-- Quanah Gibson-Mount Principal Software Developer ITSS/Shared Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
"These censorship operations against schools and libraries are stronger than ever in the present religio-political climate. They often focus on fantasy and sf books, which foster that deadly enemy to bigotry and blind faith, the imagination." -- Ursula K. Le Guin
