[27113] in Kerberos
No subject found in mail header
daemon@ATHENA.MIT.EDU (Dennis Putnam)
Thu Dec 7 15:39:07 2006
Mime-Version: 1.0 (Apple Message framework v752.2)
To: kerberos@mit.edu
Message-Id: <FABA707B-D8BB-41C2-93FD-F90C50D32843@aimaudit.com>
From: Dennis Putnam <dennis.putnam@aimaudit.com>
Date: Thu, 7 Dec 2006 07:31:36 -0500
Content-Type: multipart/mixed; boundary="===============1753425102=="
Errors-To: kerberos-bounces@mit.edu
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--===============1753425102==
Content-Type: multipart/signed; protocol="application/pgp-signature";
micalg=pgp-sha1; boundary="Apple-Mail-7-356419833"
Content-Transfer-Encoding: 7bit
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--Apple-Mail-7-356419833
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
charset=US-ASCII;
delsp=yes;
format=flowed
Thanks for the reply. The reply from Jiva DeVoe (thank you very much)
may be the one that gets me out of this jam. I am going to forward
that to the author of the Authen::Krb5 module to see if that helps. I
did answer your questions below in case you or someone else has
additional comments or suggestions.
On Dec 6, 2006, at 9:21 PM, Michael B Allen wrote:
>
>
>
> Are you using the PHP SAPI (server API) or CLI (commandline)?
>
> API.
>
>
> You said "page" as in HTLM page so I will assume SAPI in which case
> I'm
> confused for two reasons.
>
> First, how you are calling Perl from within PHP?
>
system($command,$ret_code);
>
>
> Second how are you getting initial credentials? Is your web app
> authenticating browser clients using Kerberos?
I'm not, which is the crux of the problem. I'm using the Authen:Krb5
module for perl. As I said above, I call my script using 'system';
>
> Mike
>
> PS: The next revision of our product (see sig) will enable PHP to
> directly perform a wide variety authentication, authorization and
> account management tasks with both SAPI and CLI (e.g. do HTTP SSO
> and use
> delegated cred with Kerberos aware clients like curl, ldap, pgsql,
> etc).
That is a big hole in the current implementation of PHP. It provides
a few methods of authentication but adding Kerberos support to the
API will be a very welcome addition.
>
> --
> Michael B Allen
> PHP Active Directory SSO
> http://www.ioplex.com/
>
Dennis Putnam
Sr. IT Systems Administrator
AIM Systems, Inc.
11675 Rainwater Dr., Suite 200
Alpharetta, GA 30004
Phone: 678-240-4112
Main Phone: 678-297-0700
FAX: 678-297-2666 or 770-576-1000
The information contained in this e-mail and any attachments is
strictly confidential. If you are not the intended recipient, any
use, dissemination, distribution, or duplication of any part of this
e-mail or any attachment is prohibited. If you are not the intended
recipient, please notify the sender by return e-mail and delete all
copies, including the attachments.
--Apple-Mail-7-356419833
content-type: application/pgp-signature; x-mac-type=70674453;
name=PGP.sig
content-description: This is a digitally signed message part
content-disposition: inline; filename=PGP.sig
content-transfer-encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)
iD8DBQFFeAmpOf1h4ewDwJwRAh4cAKCAHoY3qdBrgUXI3V4R9e00FRK6lQCePYTj
PGLbn+xZSkPeNODhJ/iEgc0=
=EPUS
-----END PGP SIGNATURE-----
--Apple-Mail-7-356419833--
--===============1753425102==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
--===============1753425102==--
