Configure your browser to authenticate using the "system logon credentials" (Kerberos authentication mechanism):
To access the advanced Firefox settings, enter about:config into the Address bar and press [Enter]. This will bring up a long list of customizable preferences for the current installation of the browser.
You need set the FQDN (fully qualified domain name) of the IdP Server to the trusted URIs:
In the "Login page" can you find the right FQDN:
Example of configuration when Firefox is running under the Windows platform:
To access the advanced Firefox settings, enter about:config into the Address bar and press [Enter]. This will bring up a long list of customizable preferences for the current installation of the browser.
You need configure:
Other settings concerning negotiate/authentication:
For "advanced" Firefox-users: To start the firefox with more debug information, you can use a script like this:
#!/bin/bash export NSPR_LOG_MODULES=negotiateauth:5 export NSPR_LOG_FILE=/var/log/firefox.log firefox |
The browser must be configured to enable single sign-on (SSO) support. SSO only works on intranet and using trusted URL's.
In the "Login page" can you find the right FQDN. Wildcards are also supported e.g. *.host_b.com:
Custom Level.
Now the browser should be setup correctly.
To config chrome you need to start the application the following parameter:
chrome --auth-server-whitelist="*aai-logon.domain-a.com" |
In the "Login page" can you find the right FQDN:
No additional configuration is needed
Opera does not currently support Kerberos authentication.