[OOD-users] Anyone doing both LDAP and Kerberos authentication in Apache?

Michael Coleman mcolema5 at uoregon.edu
Fri Nov 9 17:41:07 EST 2018


This seems like a longshot, but one snag we're hitting setting up OOD is getting Apache authentication going.  On our cluster, ssh (for example) authenticates against LDAP first (for some local and external users).  If that fails, it authenticates against the campus Kerberos, which has most of our users.

Has anyone here faced/solved this issue?

We're looking at a few possibilities, but don't want to miss an obvious easy solution.



  1.  Use multiple, redundant virtual hosts or Location clauses or even real hosts.  One for LDAP, the other for Kerberos.
  2.  Use https://github.com/adelton/mod_authnz_pam to auth via PAM.  Not sure this works without running Apache as root, though.
  3.  Use http://icephoenix.us/linuxunix/apache-and-http-authentication-with-pam/.  Similar, but uses an external setuid password checker.

Michael Coleman (mcolema5 at uoregon.edu<mailto:mcolema5 at uoregon.edu>)
Computational Scientist
Research Advanced Computing Services
University of Oregon

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osu.edu/pipermail/ood-users/attachments/20181109/67da05e9/attachment-0001.html>

More information about the OOD-users mailing list