The World of a Penguin

It is obvious most vendors are very focused on supporting the cloud. Ubuntu 9.04 focus on provide so you can have your "own" Amazon cloud. Canonical provides images for Amazon EC2. SpringSource makes it simpler to deploy spring applications on the cloud, both own Google AppEngine and Amazon. Vmware helps you to build your inhouse cloud. Then we have all SaaS services like Google Apps, Salesforce, sugarcrm. The big question is: How do we get single sign on on the cloud? Enough about clouds for today. One of the bigest news from SpringOne here in Amsterdam is that SpringSource development environment, STS, will be free as in no fees. Today it was mentioned in one conversation that a new minor release of STS will be released next thursday.

I have for several years had a kerberos/ldap Single-Sign-On (SSO) solution active on my home computer network. One part that had not been integrated is my Apache httpd web-server. I started to take a look on activate this at Christmas. It was easy to get Kerberos working for the webserver on my Ubuntu server. This assumes you have ssl working on your web-server for the area you want to password protect. Install the libapache2-mod-auth-kerb from Universe. Activate the module with the command: sudo a2enmod auth_kerb Add the following to the directory configuration in apache you want to protect using kerberos. AuthName "Realm" AuthType Kerberos KrbAuthRealms MYREALM Krb5Keytab /etc/apache2/http.keytab Require principal@MYREALM KrbServiceName HTTP/www.MYDOMAIN.org Require valid-user Change MYREALM and MYDOMAIN to values that fits you. Connect to the kerberos admin server and create a new principal and a keytab including this principal. If you use MIT Kerberos, do like this. S...