Article:
  Single Sign-on for Your Web Applications with Apache and Kerberos
Subject:   Updates to a great article
Date:   2005-03-30 03:21:43
From:   okrams
Hi,


Just thought I'd share a few observations when I used this great article as a launch pad into the SPNEGO universe. Almost all of them are tidbits of information that I gathered on the web in the process, so kudos to those who posted them.


- the SPNEGO stuff is also available in mod-auth-kerb, which happens to be available as a debian package both for apache and apache2 in unstable.


- The directives for the mod-auth-kerb are significantly different from the above, they are well documented on the modules homepage (http://modauthkerb.sourceforge.net/)


- when using the ktpass-tool, you have to specifiy the domain name in addtion to the username (ie. domainname\username) otherwise it bails with a rather obscure error message.


- I used a short php script (well, line) to read out the environment variable:
<?php echo $_SERVER['REMOTE_USER'] ; ?>
just to convince myself that it works.


cheers
okrams