On Wed, 2005-07-06 at 23:30 -0400, Karsten Künne wrote: > On Wednesday 06 July 2005 20:16, sxw@dcs.ed.ac.uk wrote: > > On Thu, 7 Jul 2005, Brian May wrote: > > > > > Once-upon-a-time there was an Apache module for Kerberos > > > authentication. It seemed a bit pointless at the time, because no > > > clients supported it. Also SASL would be better... What is the current > > > status of this module. Does it still exist? > > > > Possibly not the module you're thinking of (there were a number of > > mod_auth_kerb auth modules that just took the user's password and slung it > > at the KDC - not really real Kerberos). But there is now code to support > > Microsoft's HTTP-Negotiate mechanism (GSSAPI/SPNEGO/Kerberos HTTP > > authentication) as an Apache module. HTTP-Negotiate is also supported in > > recent Mozilla and Firefox builds. > > > > The Apache module (mod_auth_kerb) works very well. On the client side > HTTP-Negotiate authentication is also available in Konqueror (actually it's > in the kio_http ioslave) and I also hacked it into Lynx (but I never got > around to send patches back). Mozilla Firefox has such support, including interestingly support for this in for proxy authentication (proxy auth in the snapshots, not the 1.0 release). Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Samba Developer, SuSE Labs, Novell Inc. http://suse.de Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net
This is a digitally signed message part