<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hi,<br>
<br>
I am trying to write some software that communicates with the FreeIPA server from a remote client.<br>
<br>
Using Adam Young's helpful blog (<br>
<a class="moz-txt-link-freetext" href="http://adam.younglogic.com/2010/07/talking-to-freeipa-json-web-api-via-curl/">http://adam.younglogic.com/2010/07/talking-to-freeipa-json-web-api-via-curl/</a>), I am successfully able to run this curl on the FreeIPA server
 itself:<br>
<br>
curl -v -H referer:<a class="moz-txt-link-freetext" href="https://myserver.net/ipa">https://myserver.net/ipa</a> -H "Content-Type:application/json" -H "Accept:application/json" --negotiate -u : --cacert /etc/ipa/ca.crt -d '{"method":"user_find","params":[[""],{}],"id":0}'
 -X POST <a class="moz-txt-link-freetext" href="https://myserver.net/ipa/json">https://myserver.net/ipa/json</a><br>
<br>
But when I try and run an similar curl from my client workstation (with pre-requisite Kerberos setup):<br>
<br>
curl -v -H referer:<a class="moz-txt-link-freetext" href="https://myworkstation.net/ipa">https://myworkstation.net/ipa</a> -H "Content-Type:application/json" -H "Accept:application/json" --negotiate -u : --cacert /tmp/ca.crt -d '{"method":"user_find","params":[[""],{}],"id":0}'
 -X POST <a class="moz-txt-link-freetext" href="https://myserver.net/ipa/json">https://myserver.net/ipa/json</a><br>
<br>
The following error is generated in the Apache logs:<br>
<br>
KerberosWSGIExecutioner.__call__: KRB5CCNAME not defined in HTTP request environment<br>
<br>
Would anyone have any pointers to fix, or a place to start investigating? I am assuming there is configuration problem but I have no idea where to begin. I believe I've done all the Kerberos setup correctly, but it's hard to tell.<br>
<br>
Kind regards,<br>
Adam<br>
<br>
<br>
<br>
<br>
This message (including any attachments) may contain information that is privileged or confidential. If you are not the intended recipient, please notify the sender and delete this email immediately from your systems and destroy all copies of it. You may not,
 directly or indirectly, use, disclose, distribute, print or copy this email or any part of it if you are not the intended recipient
</body>
</html>