freebsd-ports/www/mod_auth_kerb2/pkg-descr
Brian Feldman c8dcc98995 * Allow for compilation to optionally use the MIT Kerberos 5 port like
now, but default to the base system's Heimdal.
* Use existing API to tell Heimdal's libkrb5 where the keytab is, rather
  than exporting an environment variable (which is what must be done for
  MIT's, apparently) -- this unbreak's specification of the keytab
  location in httpd.conf.
* Rewrite the description to be far more accurate: no mention was made
  of this module  doing real SPNEGO/GSSAPI/Kerberos (as opposed to
  "Kerberos password gateway") authentication.
* Bump PORTREVISION.

Approved by:	MAINTAINER
PR:		ports/86963
2005-10-14 22:55:59 +00:00

13 lines
781 B
Text

mod_auth_kerb is an Apache module for authenticating Web clients in a
Kerberos v5 realm. Authentication may be performed via the Kerberos
principal/password; it may also be done securely using SPNEGO (HTTP
Negotiate auth protocol) to perform a GSSAPI/Kerberos authentication
from the user's browser and Kerberos credentials directly to the server
Kerberos credentials 'HTTP/host@REALM'. Because the Kerberos password is
transmitted in plain text in the former mode, when using mod_auth_kerb
for naive HTTP Basic (password-based) authentication, this module
MUST be used in conjunction with an encryption-capable Web server
(e.g. Apache) to keep that exchange private. There is no documentation
provided; see the Web site for more details.
WWW: http://modauthkerb.sourceforge.net/