Folks,
Is it possible to use MediaWiki with Kerberos?
I am currently using the MediaWiki HTTP_AUTH plugin and authenicating via Apache (which uses mod_auth_kerb as it's backend). This works find passing a password, which is checked against the Kerberos server because Apache authenicates and PHP provides the userID via $_SERVER[PHP_AUTH_USER]. This is then used by HTTP_AUTH.
The problem arsies if you do a kinit and use your kerberos ticket to authenticate with Apache. For some reason, although authentication is sucessful PHP does not put the userID into $_SERVER[PHP_AUTH_USER]. Therefore HTTP_AUTH does not get the userID and log you in.
So, I guess the questions are:
1) Why doesn't $_SERVER[PHP_AUTH_USER] get populated (I understand it's something to do with different HTTP headers being used between password auth (which is just BASIC auth) and ticket negociation)?
2) Is there a way that PHP can detect if Apache has carried out a sucessful Kerberos authentication?
3) Is there another/better way to make MediaWiki play with Kerberos? I understand there's a not terribly free as in Freedon PHP extention that allows PHP to play with Kerberos but I'd like to steer clear of it.
Mike.