[OOD-users] Anyone doing both LDAP and Kerberos authentication in Apache?
Michael Coleman
mcolema5 at uoregon.edu
Fri Nov 9 17:41:07 EST 2018
Hi,
This seems like a longshot, but one snag we're hitting setting up OOD is getting Apache authentication going. On our cluster, ssh (for example) authenticates against LDAP first (for some local and external users). If that fails, it authenticates against the campus Kerberos, which has most of our users.
Has anyone here faced/solved this issue?
We're looking at a few possibilities, but don't want to miss an obvious easy solution.
Thanks,
Mike
Possibilities:
1. Use multiple, redundant virtual hosts or Location clauses or even real hosts. One for LDAP, the other for Kerberos.
2. Use https://github.com/adelton/mod_authnz_pam to auth via PAM. Not sure this works without running Apache as root, though.
3. Use http://icephoenix.us/linuxunix/apache-and-http-authentication-with-pam/. Similar, but uses an external setuid password checker.
Michael Coleman (mcolema5 at uoregon.edu<mailto:mcolema5 at uoregon.edu>)
Computational Scientist
Research Advanced Computing Services
University of Oregon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osu.edu/pipermail/ood-users/attachments/20181109/67da05e9/attachment-0001.html>
More information about the OOD-users
mailing list