I have one Windows AD server, and one Linux server which runs Apache and Subversion, also have one Windows server runs .net web application which use Windows Authentication.
I already configured out how apply Kerberos or GSSAPI to auth subversion users with AD credentials, and the users use computers which joined domain won't prompt a window ask for user and password when access .net web app and svn.
But these users who are not join domain always prompt a window ask for user and password both of web app and svn twice, I want to share login credential for the two applications, how can I apply?
Thanks.
krb5.conf:
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = SCRCUTEST.COM
forwardable = true
dns_lookup_realm = false
dns_lookup_kdc = true
rdns = false
[realms]
SCRCUTEST.COM = {
kdc = astest.scrcutest.com
admin_server = astest.scrcutest.com
}
[domain_realm]
.scrcutest.com = SCRCUTEST.COM
scrcutest.com = SCRCUTEST.COM
resolv.conf:
domain scrcutest.com
nameserver 10.16.0.37
http.conf:
<Location /svn>
DAV svn
SVNParentPath /data/bb_bak/PV/access
SVNListParentPath On
SVNAutoVersioning On
AuthType Kerberos
AuthName "Input AD account"
KrbAuthRealms SCRCUTEST.COM
KrbServiceName HTTP
Krb5Keytab /etc/httpd/conf/kerberos.keytab
KrbMethodNegotiate On
KrbVerifyKDC Off
KrbMethodK5Passwd Off
KrbSaveCredentials on
Require valid-user
</Location>
