I'm testing with firefox now and have set the network.negotiate-auth.trusted-uris but the FreeIPA web interface says my "kerberos ticket is no longer valid" even though the MIT KFW has a current, valid, ticket. I only see that as a configuration setting for Firefox for this funtionality. Anything else I'm missing?
On Fri, Sep 23, 2011 at 3:31 PM, Rob Crittenden <rcrit...@redhat.com> wrote: > Jimmy wrote: > >> I have been using the interface from a Linux client on Firefox just >> fine, but now I need to configure a windows client to access the web >> interface. I have the win7 client logged in using a FreeIPA user, >> authenticated against the realm, and when I browse to the web page I >> still get another log in box but no matter what I do not get access, or >> the browser cannot access the ticket the system has. I enabled the >> "Enable Integrated Windows Authentication" option in IE. After that >> wasn't working I even installed the MIT KFW to make sure I was really >> getting a ticket(not really expecting that it would fix the problem.) >> >> I am searching for this fix actively, but figured I'd ask here in case >> someone had the answer at hand. >> > > Firefox in Windows will work with the MIT client but not IE. For IE to work > you need to enable fake basic auth fallback, > http://freeipa.org/page/UIPasswordAuth . This isn't really ideal but the > only workaround we know of. > > rob >
_______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users