I have an apache instance that uses kerberos for SSO with an internal application that we have running. However the performance is very very poor.

I believe from a tcp dump that when a user hits some of our dojo forms on the application that apache is making calls to our KDC to ensure that the user has permissions to those files.

As the dojo library is quite hefty, this is taking a long time to run and seriously impacting the performance of dojo based forms to load.

We are using mod_auth_kerb and currently our httpd.conf file looks like this.

<Directory "/opt/myapp/public"> AllowOverride All Order allow,deny Allow from all AuthType Kerberos AuthName KerberosLogin KrbServiceName HTTP/taz.uk.mydomain.com@MYDOMAIN.COM KrbMethodNegotiate On KrbMethodK5Passwd On KrbAuthRealms MYDOMAIN.COM Krb5KeyTab /etc/krb5.keytab require valid-user </Directory>

Is there a command that I can put into the httpd.conf file or a .htaccess file that I put into the javascript directory that holds the dojo library, to tell apache not to authenticate the access to the directory?

I believe that this will improve the site performance 100 fold. (Yes it really is that bad)

Thanks