Hello there, I have tried to implement single-sign-on on a my macbook.
What I can: - I can kinit and get a valid ticket - I can ssh into a linux machine part of my realm without I am asked for a password What I can *not*: - browse a webpage even if I have kinit-ed successfully. When I access my url, i.e. https://intranet.example.com I am prompted with a window asking for my username and password. Moreover I have got no entry in /var/log/krb5kdc.log on my kerberos master. I am sure the apache server is well configured. If I try to access the same webpage from a linux client, it will work. My questions are - what is the authentication mechanism used by firefox to use Kerberos for SSO? is it GSS-API? I am asking because it seems to me that my macbook does not manage to contact my kerberos server in the first place. - has anybody manage to configure supported browsers for Kerberos sso and apache on macOS clients? Kind regards, Giuseppe ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
