Morning All, I've been doing some testing of Kerberos Negotiation in Cosign 2.1.1 - I started off with something similar to what Simon Wilkinson described at: http://orthrus.blogspot.com/2007/10/kx509-kerberos-and-cosign.html.
Simon's XMLHttpRequest technique excludes MSIE because of its poor handling of Negotiate requests (it pops up a Basic Auth dialogue if the user doesn't have a domain logon). We found similar problems in Google Chrome and the original code implied that at least some versions of Safari had similar issues. Simply excluding all those browsers (and essentially leaving Firefox as the only fully supported browser) seemed a bit heavy-handed to me, especially since the other browsers worked some of the time, so I started looking for ways to improve the behaviour. I'm not sure if anyone else has tried this already, but I think I've stumbled across a solution that appears to work on all browsers. It's only a minor variation on what Simon described: when sending the XMLHttpRequest, supplying a username and a blank password seems to be sufficient to suppress the Basic Auth dialogue in the situations that we previously found to be a problem (e.g. MSIE without a domain login) Maybe someone else has documented this already, or maybe there's a problem with this approach that we've not found yet - we've tested across what we expect to be the normal combinations in use by our users (Linux, Windows, MacOS and Firefox, MSIE, Opera, Chrome, plus some mobile devices), and so far it all seems to work. I've put a copy of the new script at: http://www.lancs.ac.uk/~steveb/patches/cosign-negotiate/checknegotiate_n ew.js I'd love to hear about any situations where this fails to do the Right Thing... Steve. ------------------------------------------------------------------------------ Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers & brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, & iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian Group, R/GA, & Big Spaceship. http://www.creativitycat.com _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
