I have deployed Subversion DAV on Apache2 with mod_auth_kerb on a
In case of a Linux client, GSSAPI properly resolves server name and ask
for a "HTTP/main.domain.com" ticket to connect to
In case of a Windows client, SSPI directly uses the SPN provided
"HTTP/vhost.domain.com" and authentication fails.
To fix this behavior, I would like to extend "ne_sspi_create_context" to
provide "HTTP/main.domain.com" as sspiContext->serverName
1. DNS lookup of original serverName ("vhost.domain.com")
2. Reverse DNS each IP address returned by "ne_addr_resolve"
3. First result is used as SPN in "HTTP/main.domain.com"
What do you think about it ?
neon mailing list