Am Donnerstag, den 13.11.2008, 14:11 +0100 schrieb John Jasen: > So what happens now if you try a kinit -kt /etc/krb5.keytab > HTTP/[EMAIL PROTECTED] > > That's effectively verifying via kinit that the SPN can get tickets, BTW. > > I'll try your method when I get into the office and see if it makes a > profound difference. >
I am not a kerberos guru but i think your test is wrong see this post: http://mailman.mit.edu/pipermail/kerberos/2002-March/000429.html All i can tell you is that it really works for us with mod_auth_krb (and yes negativ test with removed tgt also fail as they should) Chris financial.com AG Munich head office/Hauptsitz München: Maria-Probst-Str. 19 | 80939 München | Germany Frankfurt branch office/Niederlassung Frankfurt: Messeturm | Friedrich-Ebert-Anlage 49 | 60327 Frankfurt | Germany Management board/Vorstand: Dr. Steffen Boehnert (CEO/Vorsitzender) | Dr. Alexis Eisenhofer | Dr. Yann Samson | Matthias Wiederwach Supervisory board/Aufsichtsrat: Dr. Dr. Ernst zur Linden (chairman/Vorsitzender) Register court/Handelsregister: Munich – HRB 128 972 | Sales tax ID number/St.Nr.: DE205 370 553 _______________________________________________ Tech mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
