Skip navigation



WebAuth 4.3.1 Announcement

The ITS WebAuth team is pleased to announce Stanford WebAuth 4.3.1. This is a bug-fix release and minor feature release that corrects a portability issue with older Kerberos libraries and two significant problems with the WebKDC and WebLogin server. Users of the WebKDC running WebAuth 4.3.0 should upgrade to this release.

For documentation and downloads of WebAuth 4.3.1, see:


New Debian packages built against Apache 2.4 have been uploaded to Debian experimental.

The user-visible changes in this release are:

  • Allow WebAuthDoLogout in .htaccess files with AllowOverride AuthConfig. Previously, WebAuthDoLogout could only be set in the Apache server configuration.

  • Fix invalid free in webauth_webkdc_login when there are permitted realms configured.

  • Add a replacement for krb5_cc_get_full_name for Kerberos libraries that don't have this function. Fixes compilation against MIT Kerberos 1.8 and earlier.

  • Fix incorrect Perl module includes in pwchange.fcgi that prevented the WebLogin password change component from starting properly.

  • Add an overloaded cmp operator for WebAuth::Exception, primarily to make testing easier.

  • Document that while WebAuthLdapKeytab can be set in either the main server configuration or in a virtual host, separate configurations for different virtual hosts are not supported due to the way the module is currently implemented.

Last modified Friday, 12-Dec-2014 02:31:12 PM

Stanford University Home Page