GSSAPI uses a secured (encrypted + MAC-ed) payload to maintain state in the
session cookie. The session cookie lifetime depends on the lifetime of the
GSSAPI session established at authentication.
-NOTE: It is important to correctly set the SessionCookieName option.
+**NOTE**: It is important to correctly set the SessionCookieName option.
See the
[mod_sessions](http://httpd.apache.org/docs/current/mod/mod_session.html)
documentation for more information.
### GssapiBasicAuth
Allows the use of Basic Auth in conjunction with Negotiate.
-If the browser fails to use Negotiate is will instead fallback to Basic and
+If the browser fails to use Negotiate it will instead fallback to Basic and
the username and password will be used to try to acquire credentials in the
-module via GSSAPI. If credentials are acquire successfully then they are
+module via GSSAPI. If credentials are acquired successfully then they are
validated against the server's keytab.
- **Enable with:** GssapiBasicAuth On
GssapiBasicAuthMech krb5
-#### GssapiNameAttributes
+### GssapiNameAttributes
Enables the module to source Name Attributes from the client name
(authorization data associated with the established context) and exposes them
error string in case the inquire name function fails to retrieve attributes,
and with the string "0 attributes found", if no attributes are set.
-Note: These variables are NOT saved in the session data stored in the cookie so they
-are available only on the first authenticated request when GssapiUseSessions is
-used.
+**Note**: These variables are NOT saved in the session data stored in the
+cookie so they are available only on the first authenticated request when
+GssapiUseSessions is used.
-Note: It is recommended but not required to use only capital letters and underscores
-for environment variable names.
+**Note:** It is recommended but not required to use only capital letters and
+underscores for environment variable names.
#### Example
GssapiNameAttributes json
projects / mod_auth_gssapi.git / blobdiff