Apache mod_auth_kerb

Question

I have a setup using apache and mod_auth_kerb to authenticate users and proxy them to the destination web server using a HTTP header with username (X-Remote-User).

How do i setup a proper logout mechanism from the destination web server? - URL to call or similar?

score 0 · Answer 1 · answered Mar 19 '15 at 07:26

0

Our setup works like this:

We have one url, which is protected by Kerberos:

/kerberos_login

Once client access it, Kerberos authentication is performed. If successful, client is redirected to / — this is not protected by Kerberos.

To log out, clients have to access logout url (that one is also not protected by Kerberos):

/logout

answered Mar 19 '15 at 07:26

Tomas Tomecek

6,226
3
30
26

2

Thanks for the answer, my question is mainly on how to impl. the '/logout' for this setup. Do you remove a HTTP cookie? – Rasmus Melgaard Apr 05 '15 at 07:02

Apache mod_auth_kerb

1 Answers1