Am Donnerstag, den 13.11.2008, 14:11 +0100 schrieb John Jasen:

> So what happens now if you try a kinit -kt /etc/krb5.keytab
> HTTP/[EMAIL PROTECTED]
>
> That's effectively verifying via kinit that the SPN can get tickets, BTW.
>
> I'll try your method when I get into the office and see if it makes a
> profound difference.
>


I am not a kerberos guru but i think your test is wrong see this post:
http://mailman.mit.edu/pipermail/kerberos/2002-March/000429.html

All i can tell you is that it really works for us with mod_auth_krb (and
yes negativ test with removed tgt also fail as they should)

Chris


financial.com AG

Munich head office/Hauptsitz München: Maria-Probst-Str. 19 | 80939 München | 
Germany
Frankfurt branch office/Niederlassung Frankfurt: Messeturm | 
Friedrich-Ebert-Anlage 49 | 60327 Frankfurt | Germany
Management board/Vorstand: Dr. Steffen Boehnert (CEO/Vorsitzender) | Dr. Alexis 
Eisenhofer | Dr. Yann Samson | Matthias Wiederwach
Supervisory board/Aufsichtsrat: Dr. Dr. Ernst zur Linden (chairman/Vorsitzender)
Register court/Handelsregister: Munich – HRB 128 972 | Sales tax ID 
number/St.Nr.: DE205 370 553

_______________________________________________
Tech mailing list
[email protected]
http://lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
 http://lopsa.org/

Reply via email to