“UbuntuHelp:ApacheAuthViaKerberos”的版本间的差异
来自Ubuntu中文
小 (创建新页面为 '{{From|https://help.ubuntu.com/community/ApacheAuthViaKerberos}} {{Languages|UbuntuHelp:ApacheAuthViaKerberos}} === Apache Pre-reqs === Install "libapache-mod-auth-kerb" - of co...') |
小 |
||
| 第2行: | 第2行: | ||
{{Languages|UbuntuHelp:ApacheAuthViaKerberos}} | {{Languages|UbuntuHelp:ApacheAuthViaKerberos}} | ||
=== Apache Pre-reqs === | === Apache Pre-reqs === | ||
| − | Install "libapache-mod-auth-kerb" - of course you'll also need apache setup and this article assumes you've already got kerberos setup as it's discussed [[ | + | Install "libapache-mod-auth-kerb" - of course you'll also need apache setup and this article assumes you've already got kerberos setup as it's discussed [[ADAuthentication|here]]. One example of how you can take advantage of Kerbose & Apache in a case like this is to enable authentication with your [[ADAuthentication|Active Directory]] server. |
<pre><nowiki> | <pre><nowiki> | ||
sudo apt-get install libapache-mod-auth-kerb | sudo apt-get install libapache-mod-auth-kerb | ||
| 第11行: | 第11行: | ||
So, to put that another way: ''HTTP/[email protected]'' | So, to put that another way: ''HTTP/[email protected]'' | ||
=== Edit VirtualHosts === | === Edit VirtualHosts === | ||
| − | In whatever sections of your Apache [http://en.wikipedia.org/wiki/Virtual_host | + | In whatever sections of your Apache [[http://en.wikipedia.org/wiki/Virtual_host | VirtualHosts]] (or just apache config if you're running only one site), you want to add lines of the following form: |
<pre><nowiki> | <pre><nowiki> | ||
AuthName "Kerberos Login" | AuthName "Kerberos Login" | ||
| 第28行: | 第28行: | ||
</nowiki></pre> | </nowiki></pre> | ||
=== Helpful Pages === | === Helpful Pages === | ||
| − | * This article borrows heavily from [http://support.microsoft.com/kb/555092 here]. | + | * This article borrows heavily from [[http://support.microsoft.com/kb/555092|here]]. |
[[category:UbuntuHelp]] | [[category:UbuntuHelp]] | ||
2010年5月19日 (三) 16:44的版本
 |
点击翻译: |
English |
请不要直接编辑翻译本页,本页将定期与来源同步。 |
Apache Pre-reqs
Install "libapache-mod-auth-kerb" - of course you'll also need apache setup and this article assumes you've already got kerberos setup as it's discussed here. One example of how you can take advantage of Kerbose & Apache in a case like this is to enable authentication with your Active Directory server.
sudo apt-get install libapache-mod-auth-kerb
/etc/krb5.keytab
You need to setup a kerberos keytab, put it where ever, I put mine at /etc/krb5.keytab. This file should contain a line of the form HTTP/replace_your_web_server_full_hostname_here@ACTIVE_DIRECTORY_FULL_DOMAIN_NAME. So, to put that another way: HTTP/[email protected]
Edit VirtualHosts
In whatever sections of your Apache [| VirtualHosts] (or just apache config if you're running only one site), you want to add lines of the following form:
AuthName "Kerberos Login" AuthType Kerberos Krb5Keytab /etc/krb5.keytab KrbAuthRealm EXAMPLE.COM KrbMethodNegotiate off KrbSaveCredentials off KrbVerifyKDC off Require valid-user
Restart Apache
Almost done:
sudo /etc/init.d/apache restart
Helpful Pages
- This article borrows heavily from [[1]].
