Kerberos Digest, Vol 32, Issue 5
Dodson, Robert (Home Office)
BDODSON at allstate.com
Wed Aug 3 12:20:36 EDT 2005
You must have "Use Windows Integrated Authentication" checked.
Bob Dodson
-----Original Message-----
From: kerberos-bounces at mit.edu [mailto:kerberos-bounces at mit.edu] On
Behalf Of kerberos-request at mit.edu
Sent: Wednesday, August 03, 2005 11:05 AM
To: kerberos at mit.edu
Subject: Kerberos Digest, Vol 32, Issue 5
Send Kerberos mailing list submissions to
kerberos at mit.edu
To subscribe or unsubscribe via the World Wide Web, visit
https://mailman.mit.edu/mailman/listinfo/kerberos
or, via email, send a message with subject or body 'help' to
kerberos-request at mit.edu
You can reach the person managing the list at
kerberos-owner at mit.edu
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Kerberos digest..."
Today's Topics:
1. Re: Kerberos and IE Single Sign-on (Nikola Milutinovic)
----------------------------------------------------------------------
Date: Tue, 02 Aug 2005 17:58:09 +0200
From: Nikola Milutinovic <Nikola.Milutinovic at ev.co.yu>
To: Luciano Bolonheis <bolonheis at gmail.com>
Cc: kerberos at mit.edu
Subject: Re: Kerberos and IE Single Sign-on
Message-ID: <42EF9811.3010702 at ev.co.yu>
In-Reply-To: <846437605080207205e29c1ab at mail.gmail.com>
References: <846437605080207205e29c1ab at mail.gmail.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Precedence: list
Message: 1
Luciano Bolonheis wrote:
>Hi,
>i'm trying to make a Single sign-on environment... and I have all the
>possible problems...
>using the mod_auth_kerb with apache in internet explorer, it
>authenticate but asks for the password. I get a ticket with the Kfw
>Leash32 application, and even with valid ticket is asks for the
>password. Someone know what can I do?
>
>
You should find out if IE is actually using the Kerberos ticket. I
recall some obscure option in IE config for that. For instance, in
Outlook Express, that option is SPA (Secure Password Authentication). If
you machine is in ADS, it will try GSS-API, otherwise, it will go for
NTLM.
I think IE has a similarly cryptic option name.
Nix.
------------------------------
_______________________________________________
Kerberos mailing list
Kerberos at mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
End of Kerberos Digest, Vol 32, Issue 5
***************************************
More information about the Kerberos
mailing list