#6446 Create test for kerberos over http
Closed: Fixed None Opened 7 years ago by ofayans.

Original FRE for kerberos over http (aka KdcProxy) is #4801

How to test:

  1. Setup master and client
  2. On master block both tcp and udp port 88 (only for client's ip):

    iptables -A INPUT -p tcp -s %client_ip% --dport 88 -j DROP
    iptables -A INPUT -p udp -s %client_ip% --dport 88 -j DROP

  3. On client edit /etc/krb5.conf and substitute both 'kdc' and 'master_kdc' values with

    https://%master_hostname%/KdcProxy

  4. Run kinit on client

Expected results:[[BR]]
kinit successful


master:

  • c7fd46e Test: made kinit_admin a returning function
  • 503d092 Test: basic kerberos over http functionality

Metadata Update from @ofayans:
- Issue assigned to ofayans
- Issue set to the milestone: FreeIPA 4.5

7 years ago

Login to comment on this ticket.

Metadata