Arnaud Lesueur wrote: > On Tue, May 20, 2008 at 3:51 PM, AndrePra <[EMAIL PROTECTED]> wrote: >> I've tested the url (http://casserver.quix.locale:8080/cas) from some >> clients but the token received start always with NTLMSSP. > > Can you check you do have a valid kerberos TGT in your windows > session. You might to this using kerbtray or klist tools. > > If this is ok. Then check on the browser configuration ? > - For Internet Explorer, you have to turn on IWA and add the casserver > as a trusted site with an additional check while you are not using > HTTPS > - For Firefox, add the casserver in network.negotiate-auth.trusted-uris
Michael B Allen summed up things which could go wrong in news:comp.protocols.kerberos. See his particular message: http://groups.google.com/group/comp.protocols.kerberos/msg/cf092e21c90e362b The whole thread: http://groups.google.com/group/comp.protocols.kerberos/browse_thread/thread/8dea0ffd5e38f727/cf092e21c90e362b#cf092e21c90e362b Ciao, Michael. _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
