API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 16th, 2015
255
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.55 KB | None | 0 0
raw download clone embed print report
  1. [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1758): [client 10.105.5.131] kerb_authenticate_user entered with user (NULL) and auth_type Kerberos
  2. [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1758): [client 10.105.5.131] kerb_authenticate_user entered with user (NULL) and auth_type Kerberos
  3. [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1264): [client 10.105.5.131] Acquiring creds for HTTP/<FQDN>@<LOCAL.DOMAIN>
  4. [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1411): [client 10.105.5.131] Verifying client data using KRB5 GSS-API
  5. [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1427): [client 10.105.5.131] Client didn't delegate us their credential
  6. [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1446): [client 10.105.5.131] GSS-API token of length 22 bytes will be sent back
  7. [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1758): [client 10.105.5.131] kerb_authenticate_user entered with user (NULL) and auth_type Kerberos
  8. [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1264): [client 10.105.5.131] Acquiring creds for HTTP/<FQDN>@<LOCAL.DOMAIN>
  9. [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1411): [client 10.105.5.131] Verifying client data using KRB5 GSS-API
  10. [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1427): [client 10.105.5.131] Client didn't delegate us their credential
  11. [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1125): [client 10.105.5.131] GSS-API major_status:00090000, minor_status:00000000
  12.  
  13. sudo kinit -t /etc/krb5.keytab HTTP/<FQDN>
  14.  
  15. Credentials cache: FILE:/tmp/krb5cc_0
  16. Principal: HTTP/<FQDN>@<LOCAL.DOMAIN>
  17.  
  18. Issued Expires Principal
  19. Jun 11 17:21:58 2015 Jun 12 00:01:57 2015 krbtgt/<LOCAL.DOMAIN>@<LOCAL.DOMAIN>
  20.  
  21. [libdefaults]
  22. ticket_lifetime = 24000
  23. default_realm = <LOCAL.DOMAIN>
  24. dns_lookup_realm = false
  25. dns_lookup_kdc = false
  26. default_keytab_name = /etc/krb5.keytab
  27. rdns = false
  28.  
  29. [realms]
  30. KC.KPLUS = {
  31. kdc = <dc.ip>:88
  32. admin_server = <dc.ip>:88
  33. default_domain = <LOCAL.DOMAIN>
  34. }
  35.  
  36. [domain_realm]
  37. .<local.domain> = <LOCAL.DOMAIN>
  38. <local.domain> = <LOCAL.DOMAIN>
  39.  
  40.  
  41.  
  42. [appdefaults]
  43. pam = {
  44. debug = false
  45. ticket_lifetime = 36000
  46. renew_lifetime = 36000
  47. forwardable = true
  48. krb4_convert = false
  49. }
  50.  
  51. AddHandler cgi-script .cgi .pl
  52. Options +ExecCGI
  53. DirectoryIndex index.pl
  54. AuthName "<LOCAL.DOMAIN>"
  55. AuthType Kerberos
  56. Krb5Keytab /etc/krb5.keytab
  57. KrbAuthRealm <LOCAL.DOMAIN>
  58. KrbMethodNegotiate on
  59. KrbServiceName HTTP/<FQDN>@<LOCAL.DOMAIN>
  60. KrbMethodK5Passwd off
  61. KrbSaveCredentials on
  62. KrbVerifyKDC off
  63. Require valid-user
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!