After some exploration I've found that ssl is not related to this issue,
but such things as DirectoryIndex as cgi script -- is related.
I.e. there are situations when apache calls auth module twice per
request, and in it is valid behaviour. So, mod_auth_kerb should handle
this situation properly
Package: libapache2-mod-auth-kerb
Version: 5.3-5
Severity: normal
Tags: patch
When using kerberos authentication for https, the kerberos module adds
WWW-Authenticate lines 2 times (the same configuration without https is
OK). I.e., in the response to simple request (without any auth info),
server
2 matches
Mail list logo
