internal package
Foswiki::
LoginManager::
KerberosLogin
This login manager may be used to implement single sign on based on Kerberos authentication.
For this to work you will have to set up your server as well as your browser to exchange
kerberos tickes part of the HTTP header. See
System.LdapContrib#Signle_Sign_On_and_LdapContrib for more information.
If no ticket could be exchanged will this login manager fall back to
Foswiki::LoginManager::LdapTemplateLogin
ClassMethod
new($session)
Construct the KerberosLogin object
ObjectMethod
getSessionUser()
returns user as already found in session
ObjectMethod
login($request, $session)
Checks for a neogitiation HTTP header and redirects to login if not.
When found we will redirect to another view to perform the actual ticket exchange.
A special url parameter
_krb_redirect
will be set to prevent multiple redirects
happening by accident.
ObjectMethod
getUser($request, $session)
performs the actual kerberos communication to extract the remote user name from the ticket
found in the HTTP header.