[Mediawiki-l] MediaWiki with Kerberos

Mike mike at csits.net
Thu Jan 8 14:42:24 UTC 2009


Folks,

Is it possible to use MediaWiki with Kerberos?

I am currently using the MediaWiki HTTP_AUTH plugin and authenticating
via Apache (which uses mod_auth_kerb as its backend).  This works fine
passing a password, which is checked against the Kerberos server because
Apache authenticates and PHP provides the userID via
$_SERVER['PHP_AUTH_USER'].  This is then used by HTTP_AUTH.

The problem arises if you do a kinit and use your Kerberos ticket to
authenticate with Apache.  For some reason, although authentication is
successful, PHP does not put the userID into $_SERVER['PHP_AUTH_USER'].
Therefore HTTP_AUTH does not get the userID and log you in.

So, I guess the questions are:

1) Why doesn't $_SERVER['PHP_AUTH_USER'] get populated (I understand it's
something to do with different HTTP headers being used between password
auth (which is just BASIC auth) and ticket negotiation)?

2) Is there a way that PHP can detect if Apache has carried out a
successful Kerberos authentication?

3) Is there another/better way to make MediaWiki play with Kerberos?  I
understand there's a not terribly free as in Freedom PHP extension that
allows PHP to play with Kerberos but I'd like to steer clear of it.

Mike.


