I don't have any information in sogo log but I have something in apache error log:
[Tue Feb 01 11:40:43 2011] [debug] src/mod_auth_kerb.c(1432): [client 131.154.7.18] kerb_authenticate_user entered with user (NULL) and auth_type Kerberos [Tue Feb 01 11:40:43 2011] [debug] src/mod_auth_kerb.c(915): [client 131.154.7.18] Using HTTP/####.it@####.IT as server principal for password verification [Tue Feb 01 11:40:43 2011] [debug] src/mod_auth_kerb.c(655): [client 131.154.7.18] Trying to get TGT for user mbenci@####.IT [Tue Feb 01 11:40:43 2011] [debug] src/mod_auth_kerb.c(569): [client 131.154.7.18] Trying to verify authenticity of KDC using principal HTTP/####.it@###.IT [Tue Feb 01 11:40:43 2011] [debug] src/mod_auth_kerb.c(994): [client 131.154.7.18] kerb_authenticate_user_krb5pwd ret=0 user=mbenci@####.IT authtype=Basic [Tue Feb 01 11:40:43 2011] [debug] mod_proxy_http.c(56): proxy: HTTP: canonicalising URL //127.0.0.1:20000/SOGo/ [Tue Feb 01 11:40:43 2011] [debug] proxy_util.c(1488): [client 131.154.7.18] proxy: http: found worker http://127.0.0.1:20000/SOGo for http://127.0.0.1:20000/SOGo/ [Tue Feb 01 11:40:43 2011] [debug] mod_proxy.c(966): Running scheme http handler (attempt 0) [Tue Feb 01 11:40:43 2011] [debug] mod_proxy_http.c(1976): proxy: HTTP: serving URL http://127.0.0.1:20000/SOGo/ [Tue Feb 01 11:40:43 2011] [debug] proxy_util.c(2044): proxy: HTTP: has acquired connection for (127.0.0.1) [Tue Feb 01 11:40:43 2011] [debug] proxy_util.c(2102): proxy: connecting http://127.0.0.1:20000/SOGo/ to 127.0.0.1:20000 [Tue Feb 01 11:40:43 2011] [debug] proxy_util.c(2195): proxy: connected /SOGo/ to 127.0.0.1:20000 [Tue Feb 01 11:40:43 2011] [debug] proxy_util.c(2347): proxy: HTTP: fam 2 socket created to connect to 127.0.0.1 [Tue Feb 01 11:40:43 2011] [debug] proxy_util.c(2449): proxy: HTTP: connection complete to 127.0.0.1:20000 (127.0.0.1) [Tue Feb 01 11:40:43 2011] [debug] mod_proxy_http.c(1753): proxy: start body send [Tue Feb 01 11:40:43 2011] [debug] mod_proxy_http.c(1842): proxy: end body send [Tue Feb 01 11:40:43 2011] [debug] proxy_util.c(2062): proxy: HTTP: has released connection for (127.0.0.1) Marco B 2011/2/1 Marco Bencivenni <[email protected]> > Dear all, > > excuse me but I prevoiulsy posted an incorrect configuration. > The problem is that I tru to use a kerberos authentication but I got a > blank page withe the only word "Unauthorized" > The configuration apache-kerberos is correct, but there is something in > SOGo configuration in order to use kerberos credentials. > I hope that someone has already faced this type of problem. > Thanks in advance, > Marco B > > > In my SOGo.conf I uncomment: > > <Location /SOGo> > AuthType Kerberos > AuthName "Kerberos Login" > KrbMethodNegotiate Off > KrbMethodK5Passwd On > KrbAuthRealms ####.IT > KrbServiceName HTTP/###.it@####.IT > Krb5KeyTab /etc/httpd/conf/keytab > require valid-user > Order allow,deny > > Allow from all > </Location> > > and > > RequestHeader set "x-webobjects-remote-user" "%{REMOTE_USER}e" > > > My .GNUstepDefaults is > > > <key>OCSFolderInfoURL</key> > <string>mysql://sogo:sogo@localhost > :3306/sogo/sogo_folder_info</string> > <key>SOGoACLsSendEMailNotifications</key> > <string>YES</string> > <key>SOGoAppointmentSendEMailNotifications</key> > <string>YES</string> > <key>SOGoDraftsFolderName</key> > <string>Drafts</string> > <key>SOGoFoldersSendEMailNotifications</key> > <string>YES</string> > <key>SOGoIMAPServer</key> > > <string>imaps://###.it:993/?tls=YES<http://iris.cnaf.infn.it:993/?tls=YES> > </string> > <key>SOGoLanguage</key> > <string>Italian</string> > <key>SOGoMailDomain</key> > <string>cnaf.infn.it</string> > <key>SOGoProfileURL</key> > <string>mysql://sogo:sogo@localhost > :3306/sogo/sogo_user_profile</string> > <key>SOGoSentFolderName</key> > <string>Sent</string> > <key>SOGoTimeZone</key> > <string>Europe/Rome</string> > <key>SOGoTrashFolderName</key> > <string>Trash</string> > <key>SOGoTrustProxyAuthentication</key> > <string>YES</string> > <key>SOGoUserSources</key> > <array> > <dict> > <key>CNFieldName</key> > <string>cn</string> > <key>IDFieldName</key> > <string>uid</string> > <key>UIDFieldName</key> > <string>uid</string> > <key>baseDN</key> > <string>ou=people,ou=cnaf,o=infn,c=it</string> > <key>canAuthenticate</key> > <string>YES</string> > <key>displayName</key> > <string>Shared Addresses</string> > <key>hostname</key> > <string>131.154.128.32</string> > <key>id</key> > <string>public</string> > <key>isAddressBook</key> > <string>YES</string> > <key>port</key> > <string>389</string> > <key>type</key> > <string>ldap</string> > </dict> > </array> > </dict> > </dict> > </plist> > > > > 2011/1/26 <[email protected]> > > Hi Marco, >> >> to use external authentication like Kerberos you have to use HTTP Header >> in >> front of SOGo: >> >> http://www.sogo.nu/english/support/faq/article/how-to-use-webauth-with-sogo-2.html >> >> There are a lot of examples in the Web for doing that. But the exact >> configuration steps depend on your setup. Especially for Apache and >> Kerberos >> there are a lot of how-tos. >> >> esco >> -- >> [email protected] >> https://inverse.ca/sogo/lists >> > > -- [email protected] https://inverse.ca/sogo/lists
