c8dcc98995
now, but default to the base system's Heimdal. * Use existing API to tell Heimdal's libkrb5 where the keytab is, rather than exporting an environment variable (which is what must be done for MIT's, apparently) -- this unbreak's specification of the keytab location in httpd.conf. * Rewrite the description to be far more accurate: no mention was made of this module doing real SPNEGO/GSSAPI/Kerberos (as opposed to "Kerberos password gateway") authentication. * Bump PORTREVISION. Approved by: MAINTAINER PR: ports/86963
14 lines
781 B
Plaintext
14 lines
781 B
Plaintext
mod_auth_kerb is an Apache module for authenticating Web clients in a
|
|
Kerberos v5 realm. Authentication may be performed via the Kerberos
|
|
principal/password; it may also be done securely using SPNEGO (HTTP
|
|
Negotiate auth protocol) to perform a GSSAPI/Kerberos authentication
|
|
from the user's browser and Kerberos credentials directly to the server
|
|
Kerberos credentials 'HTTP/host@REALM'. Because the Kerberos password is
|
|
transmitted in plain text in the former mode, when using mod_auth_kerb
|
|
for naive HTTP Basic (password-based) authentication, this module
|
|
MUST be used in conjunction with an encryption-capable Web server
|
|
(e.g. Apache) to keep that exchange private. There is no documentation
|
|
provided; see the Web site for more details.
|
|
|
|
WWW: http://modauthkerb.sourceforge.net/
|