Kerberos authentication module for nginx

Michael Shadle mike503 at
Thu May 7 01:30:28 MSD 2009

well at the moment i am waiting for the current developer (that i am
paying) to finish it to a "complete" enough state and then let the
community mature it and hack it up, maybe have igor take a look and
correct any possible things that might make nginx unhappy. the
developer knows C but is not fluent in either nginx or kerberos, so
he's doing a trial by fire.

the one thing i want to make sure first is that you don't need to join
the machine to the domain to use it. currently i personally can't
figure out how to get it all going yet.

but the "terms" of the rentacoder bid were to keep this open and that
it would be released publicly once it is in a functional state. adding
features in can happen after that, but for now i just need basic
SPNEGO type authentication support, and that's basically the scope of
it. the more people want to hack on it, make it better, enhance it,
the better :)

On Wed, May 6, 2009 at 3:51 AM, Matteo Redaelli <lists at> wrote:
> Ciao Michael
> I have testing your alpha/beta kerberos module and it seems to work
> I notice that
> *) you cannot setup user prompt for workstation not joined to teh domain
> (I get it with a linux workstation and with mod_auth_kerb and parameter
> "KrbMethodK5Passwd on")
> *) it is not possibile to limit the users (for instance indicating a
> list of users, an AD group [but could not be possible because of
> kerberos protocol])
> I hope that you will distribute the patch to the forum and ask other
> people to test it. Or better create an opensource project (github,
> google code,sourceforge) where everyone can contribute and improve it.
> Regards
> Matteo
> --
> Posted via

More information about the nginx mailing list