Kerberos authentication module for nginx
mike503 at gmail.com
Wed Apr 29 13:30:52 MSD 2009
On Wed, Apr 29, 2009 at 2:09 AM, Matteo Redaelli <lists at ruby-forum.com> wrote:
> It would be very useful for intranet web applications to have a Kerberos
> Authentication module like the one for apache httpd
> (http://modauthkerb.sourceforge.net/) and the lighttpd one
> Has enyone already implemented it? is it in the roadmap?
I have a developer working on it right now, actually.
Once his code is in a functional state I'll want as many people out
there to review and try it.
It's basically a port of mod_auth_gssapi from Apache, which seemed to
have the strongest SPNEGO support.
I hired the developer through RentACoder; if anyone feels inclined to
pitch in funds to help cover the cost I'd be more than happy to
supplement him/cover some of my out of pocket expense (my company did
not cover it, I paid for it personally to help nginx advance and my
company can benefit from it)
Essentially it will do all the Kerberos work and supply REMOTE_USER
via the environment to PHP, etc.
If you have a good understanding of how it works I'd like your input
on it to make sure the developer is creating it in a useful fashion
(and/or you can help test) - right now I am stuck as I can't figure
out how to get my Ubuntu machine on our domain at work, and that is
required for this to work. (It would be great if it didn't have to be
on the domain though ... )
More information about the nginx