Forwarding kerberos credentials

Hi,
I'm having intermittent problems connecting to my PostgreSQL database
from PHP, using Kerberos credentials forwarded from mod_auth_kerb.

- User authenticates via mod_auth_kerb,
(either Basic or Negotiate HTTP authenication)

- Kerberos credentials are stored in a file that lives for the lifetime
of the HTTP connection.

- PHP is passed a variable naming this file:
$_SERVER['KRB5CCNAME']
(eg. 'FILE:/tmp/krb5cc_apache_RcuW4s')

- Environment variable is set from PHP:
putenv("KRB5CCNAME={$_SERVER['KRB5CCNAME']}");

- Connection to PostgreSQL is attempted from PHP:
pg_connect("host=db.example.com dbname=krbtest user={$user}");

The trouble is that sometimes the connection works,
and sometimes it doesn't. It's very unpredictable. :(

Connecting with psql/kerberos works every time!

Does anyone have an idea of what could cause this?
Has anyone else tried this connection method and got it to work?

Tested on:
RedHat Enterprise Linux 3 & Gentoo Linux
Apache 2.0.46 & 2.0.49 (prefork)
mod_auth_kerb 5.0-rc5 & rc6
PHP 4.3.8
PostgreSQL 7.4.3
MIT KerberosV5 libs 1.3.3 & 1.3.4

Here is the test script I used:

<?php
$m = array();
# Remove kerberos realm from username
if (preg_match('#^(.+?)[/@]#', $_SERVER['REMOTE_USER'], $m)) {
$user = $m[1];
} else {
$user = 'guest';
}

echo "\nPID: ", getmypid(), "\n";

putenv("KRB5CCNAME={$_SERVER['KRB5CCNAME']}");

$cmd = "/usr/bin/klist";

echo "\n{$cmd}:\n";
passthru($cmd);

$connstr = "host=db.example.com dbname=krb user={$user}";

echo "\nConnection String:\n{$connstr}\n\n";

$db = pg_connect($connstr);

$res = pg_query($db,"SELECT current_user, session_user;");

print_r(pg_fetch_all($res));

pg_close($db);
?>

Cheers
--
Mark Gibson <gibsonm |AT| cromwell |DOT| co |DOT| uk>
Web Developer & Database Admin
Cromwell Tools Ltd.
Leicester, England.