Skip to content

gssapi-no-negotiate not working #261

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
TBG-FR opened this issue Nov 24, 2021 · 1 comment
Closed

gssapi-no-negotiate not working #261

TBG-FR opened this issue Nov 24, 2021 · 1 comment
Labels
invalid

Comments

@TBG-FR
Copy link

TBG-FR commented Nov 24, 2021

Hello there

I'm trying to use mod_auth_gssapi instead of mod_auth_kerb, to avoid seeing that awful login/password popup on Chrome/Edge, however even when the gssapi-no-negotiate variable is set, it's still displayed...

Here's my config

  <Directory /var/www/site/>
    [...]

    <If "%{REQUEST_METHOD} == 'GET'">
      BrowserMatch Windows gssapi-no-negotiate
      AuthType GSSAPI
      AuthName "Kerberos Login"
      GssapiCredStore keytab:/path/to/my/file.keytab
      GssapiBasicAuth Off
      GssapiAllowedMech krb5
      GssapiBasicAuthMech krb5
      GssapiNegotiateOnce On
      GssapiSSLonly On
      GssapiLocalName On
      GssapiUseSessions Off
      Require valid-user
      ErrorDocument 401 /?kerb=0
    </If>

  </Directory>

Many thanks in advance for your help !
@TBG-FR
Copy link
Author

TBG-FR commented Nov 24, 2021

My bad, apt installed an old version of the module (1.4.x) , because debian's version was old too (Stretch). No more issues after manually building and using 1.6.3 😄

@simo5 simo5 added the invalid label Nov 29, 2021
@simo5 simo5 closed this as completed Nov 29, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
invalid
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@simo5 @TBG-FR