* "mit2ms"
* **note:** Nowadays you might want to consider to use the more modern mod_auth_gssapi instead of mod_auth_kerb.
===== configure apache/mod_auth_kerb =====
cd /opt/src
tar xjf httpd-2.2.4.tar.bz2
cd httpd-2.2.4
./configure --prefix=/opt/soft_httpd-2.2.4
make -j6 && make install && cd ..
tar xzf mod_auth_kerb-5.3.tar.gz
cd mod_auth_kerb-5.3
./configure --with-krb5=/opt/soft_krb5-1.6.1/ --with-krb4=no --with-apache=/opt/soft_httpd-2.2.4/
make -j6 && make install && cd ..
cd /opt/soft_httpd-2.2.4/conf
echo 'LoadModule auth_kerb_module modules/mod_auth_kerb.so' >>httpd.conf
vi /opt/soft_httpd-2.2.4/conf/httpd.conf
>In section change 'AllowOverride None to 'AllowOverride All'
cd ../htdocs
mkdir authed
echo 'This is in the authed area.'>authed/index.html
cat >authed/.htaccess< addprinc -randkey HTTP/sid64.fluxcoil.net
> ktadd -k /opt/soft_httpd-2.2.4/http.keytab HTTP/sid64.fluxcoil.net
chmod +r /opt/soft_httpd-2.2.4/http.keytab
/opt/soft_httpd-2.2.4/bin/apachectl restart
# the serverside is ready now.
===== use from a linuxworkstation =====
klist # get ticket if needed
firefox # start kerberized firefox
> in URL-line type 'about:config'
> in filter-line type 'network.nego'
> 'network.negotiate-auth.delegation-uris' and 'network.negotiate-auth.gsslib' should be empty
> 'network.negotiate-auth.trusted-uris' should be set to 'fluxcoil.net' or other domains where automatic signon is wanted for
Now try to access http://sid64.fluxcoil.net/ and http://sid64.fluxcoil.net/authed . Latter one should automatically sign you on.
===== use from a windows-workplace =====
start firefox
> in URL-line type 'about:config'
> in filter-line type 'network.nego'
> 'network.negotiate-auth.delegation-uris' and 'network.negotiate-auth.gsslib' should be empty
> 'network.negotiate-auth.trusted-uris' should be set to 'fluxcoil.net' or other domains where automatic signon is wanted for
> 'network.auth.use-sspi' has to be set to false
Now try to access http://sid64.fluxcoil.net/ and http://sid64.fluxcoil.net/authed . Latter one should automatically sign you on.