Apache mod_auth_kerb asking 2 authentication
Posted
by Rianto Wahyudi
on Server Fault
See other posts from Server Fault
or by Rianto Wahyudi
Published on 2010-01-07T00:45:04Z
Indexed on
2010/03/18
1:01 UTC
Read the original article
Hit count: 474
I've configured Apache to use mod_auth_kerberos. So far everything is working nicely for client thats connected to Active Directory and have their browser to ntlm enabled.
When clients are not in the domain or the browser configurerd not to authenticate automatically, they are being prompted by 2 login prompt.
The first login prompt is blank and the second one is the oen that we configured
First Login prompt: http://www.screencast.com/t/ZGNlZTQwZm
Second Login prompt : http://www.screencast.com/t/MDA2N2Fl
From the log ( first authentication) :
[Wed Jan 06 15:47:29 2010] [debug] src/mod_auth_kerb.c(1684): [client x.x.x.x] [pid 2562] kerb_authenticate_user entered with user (NULL) and auth_type Kerberos
In the first loging prompt , I can put any text for username and password. Once the first login form submited, it will ask for the 2nd login prompt.
Apache have following config :
<Directory /web/apache2/htdocs>
AllowOverride All
AuthType Kerberos
AuthName "Staff Access ONLY Kerb-Auth"
KrbAuthRealms EXAMPLE.COM
Krb5Keytab /etc/httpd/conf.d/example.ktab
Allow from localhost
Require valid-user
<Directory>
What could be the cause of the first authentication and how can I get rid of them ?
© Server Fault or respective owner