Users are not able to log in to the Apache web server with mod_auth_vas compiled in with Apache and the following error is received in the Apache error log:
[Thu Dec 20 16:45:37 2007] [error] [client 22.214.171.124] match_group: no available auth context for firstname.lastname@example.org
[Thu Dec 20 16:45:37 2007] [error] [client 126.96.36.199] auth_vas_auth_checker: Denied access to user 'email@example.com' for uri '/
VAS (Vintela Authentication Service) has been installed and AD (Active Directory) users are able to login.
The Apache process (ie. httpd or apache) cannot access the HTTP.keytab and vas.conf files in the /etc/opt/quest/vas/ directory.
Change the permissions for the HTTP.keytab and vas.conf so that the Apache process can read those files. For example:
# chmod 644 /etc/opt/quest/vas/vas.conf
# chgrp apache /etc/opt/quest/vas/HTTP.keytab
# chmod 640 /etc/opt/quest/vas/HTTP.keytab