curl - PHP kerberos delegation -

curl - PHP kerberos delegation -

how forwards kerberos auth server (using curl) php. have $_server['krb5ccname'] in request , need delegate server using curl.

how can done?

code:

$ch = curl_init(); $url = 'http://www.somesite.com/info.php'; @curl_setopt($ch, curlopt_httpget, 1); @curl_setopt($ch, curlopt_gssapi_delegation, curlgssapi_delegation_flag); @curl_setopt($ch, curlopt_httpauth, curlauth_gssnegotiate); @curl_setopt($ch, curlopt_userpwd, ":"); @curl_setopt($ch, curlopt_url, $url); @curl_setopt($ch, curlopt_returntransfer, 1); $resultcontent = @curl_exec($ch); $httpcode = @curl_getinfo($ch, curlinfo_http_code); if(@curl_errno($ch)) { $msg = @curl_error($ch); curl_close($ch); die('curl error: content: '.$this->resultcontent.' code: '.$this->httpcode); } curl_close($ch); die('r: code: '.$httpcode.' content: '. htmlspecialchars($resultcontent));

edit:

i figured out php 5.3 hasn't got curlopt_gssapi_delegation, it's been added in 5.5.0 alpha 3. working on issue see if that's problem.

as in http://curl.haxx.se/libcurl/c/curl_easy_setopt.html curlopt_gssapi_delegation

set parameter curlgssapi_delegation_flag allow unconditional gssapi credential delegation. delegation disabled default since 7.21.7. set parameter curlgssapi_delegation_policy_flag delegate if ok-as-delegate flag set in service ticket in case feature supported gssapi implementation , definition of gss_c_deleg_policy_flag available @ compile-time.

ok-as-delegate flag should set in kerberos service ticket (realm policy).

php curl kerberos