Date: Wed, 16 Sep 2009 07:55:34 -0700 (PDT) From: Tim Gustafson <tjg@soe.ucsc.edu> To: Mel Flynn <mel.flynn+fbsd.ports@mailing.thruhere.net> Cc: freebsd-ports@freebsd.org Subject: Re: Creating a New Port: /usr/ports/security/pecl-kadm5 Message-ID: <1190336329.1328231253112934895.JavaMail.root@mail-01.cse.ucsc.edu> In-Reply-To: <687847446.1328211253112908338.JavaMail.root@mail-01.cse.ucsc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
------=_Part_29407_287177134.1253112934892
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
> The latest release is 2003 so it looks largely unmaintained
> :/. I don't have a kerberos server available that I can play
> with, without upsetting people :). There's also no docs
> available that specify if this module is meant to be working
> through a webserver. However, you did specify a password for
> kadm5_init_with_password in php? If you have some php testcode,
> I can see if I can steal a jail to setup a test Kerberos server.
Yeah, I noticed that the PECL module itself was unmaintained at this point, but I was hoping that it was functional.
Yes, I'm specifying a password to kadm5_init_with_password. Please see attached PHP script, which runs under Apache-level authentication.
If I run this from the command line, it does indeed prompt me interactively for a password. I'm wondering if that's a function of the PECL library itself, or if it's due to something internal to Kerberos that's changed since the PECL module was released.
I guess I'm going to have to learn some more C if I want this to work. :(
Tim Gustafson
Baskin School of Engineering
UC Santa Cruz
tjg@soe.ucsc.edu
831-459-5354
------=_Part_29407_287177134.1253112934892
Content-Type: application/octet-stream; name=kerberos.php
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename=kerberos.php
<?php
if (($_SERVER["PHP_AUTH_USER"] == "") or
($_SERVER["PHP_AUTH_PW"] == "")) {
echo "ERROR: Your user name or password was not supplied.";
exit(1);
}
$Kerberos = kadm5_init_with_password("kerberos-01",
"FOO.LOCAL",
$_SERVER["PHP_AUTH_USER"],
$_SERVER["PHP_AUTH_PW"]);
if (!$Kerberos) {
echo "ERROR: Could not authenticate against the Kerberos server.";
exit(1);
}
$Princs = kadm5_get_principals($Kerberos);
if (!$Princs) {
echo "ERROR: Could not get list of principals.";
exit(1);
}
echo "<pre>\n";
print_r($Princs);
echo "</pre>\n";
kadm5_destroy($Kerberos);
?>
------=_Part_29407_287177134.1253112934892--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1190336329.1328231253112934895.JavaMail.root>