Red Hat Training

A Red Hat training course is available for Red Hat JBoss Web Server

12.2.5. Test the Kerberos Authentication

Use the following instructions to test the Kerberos authentication. As a prerequisite for this procedure, ensure that the Kerberos Client is configured (see Section 12.2.3, “Configure the Kerberos Client”).

Procedure 12.3. Test the Kerberos Authentication

  1. Create a Test Page

    Create a test page named auth_kerb_page.html in the $EWS_HOME/httpd/www/html/kerberostest/.
  2. Add the Contents of the Test Page

    Add the following contents to the test page (auth_kerb_page.html:
    <html>
      <body>
        <h1>mod_auth_kerb successfully authenticated!</h1>
    </body>
    </html>
  3. Optional: Set Log Level

    Optionally, set the log level for debugging in the $EWS_HOME/httpd/conf/httpd.conf file.
  4. Start httpd

    As the root user, start the JBoss Enterprise Web Server httpd as follows:
    # $EWS_HOME/httpd/sbin/apachectl start
  5. Test Authentication

    Test the authentication as follows:
    1. Initiate Kerberos authentication for the test user hnelson:
      $ kinit hnelson
    2. View the details for the test user hnelson:
      $ klist
      A result similar to the following appears:
      Ticket cache: FILE:/tmp/krb5cc_18602
      Default principal: hnelson@EXAMPLE.COM
      
      Valid starting     Expires            Service principal
      06/03/13 14:21:13  06/04/13 14:21:13  krbtgt/EXAMPLE.COM@EXAMPLE.COM
              renew until 06/10/13 14:21:13
    3. Testing httpd Kerberos Authentication

      Test httpd Kerberos authentication as follows:
      $ curl --negotiate -u : http://localhost/kerberostest/auth_kerb_page.html
      If working correctly, the following result appears:
      <html>
        <body>
          <h1>mod_auth_kerb successfully authenticated!</h1>
      </body>
      </html>
See http://modauthkerb.sourceforge.net/ for more information about mod_auth_kerb.