#3607 mod_auth_kerb doesn't work with DIR ccache
Closed: Fixed None Opened 10 years ago by rcritten.

krb5-server-1.11.2-4.fc19.x86_64 uses DIR ccaches by default. mod_auth_kerb is hardcoded to use a FILE ccache so cannot work with a DIR ccache:

Errors look like:

[Mon May 06 17:34:20.615703 2013] [auth_kerb:error] [pid 26394] [client 192.168.196.165:46538] Could not get default Kerberos ccache: No credentials cache found (-1765328189), referer: https://ipa.example.com/ipa/xml
[Mon May 06 17:34:20.620755 2013] [auth_kerb:error] [pid 26394] [client 192.168.196.165:46538] gss_acquire_cred() failed: Unspecified GSS failure.  Minor code may provide more information (, Can't find client principal HTTP/ipa.example.com@EXAMPLE.COM in cache collection), referer: https://ipa.example.com/ipa/xml

This can be fixed by setting KRB5CCNAME in /etc/sysconfig/httpd

Disabling RHEL Bugzila field, this is a F19 development regression.

Metadata Update from @rcritten:
- Issue assigned to rcritten
- Issue set to the milestone: FreeIPA 3.2 - 2013/04-05 (GA)

7 years ago

Login to comment on this ticket.

Metadata