Make Windows Firefox Use Ticket gained via OpenConnect VPN Connection

chiasa.men chiasa.men at web.de
Sat Oct 20 16:09:57 EDT 2018


I have an openconnect server where I can login with kerberos credentials (the 
vpn server basically also works as proxy to the kdc within said vpn - more 
detailed description: https://access.redhat.com/blogs/766093/posts/1976663)

Now I can connect with a windows machine (using openconnect-gui) with my 
kerberos credentials. Which works.

The next step shall be to use the gained ticket further for webservices within 
that vpn. How can I tell the browser (e.g. Firefox) to use the ticket gained 
by openconnect? Is there any way to achieve this?

I also installed the MIT Kerberos Ticket Manager for Windows. Here (https://
community.hortonworks.com/content/kbentry/28537/user-authentication-from-
windows-workstation-to-hd.html) is desribed that it is possible to use that 
Manager with firefox in order to authenticate to webservices. Although I 
haven't been able to accomplish that, would it be possible to tell MIT 
Kerberos Ticket Manager to use the Ticket of the vpn login?

Is there already a 'usual way' to achieve something like sso via vpn with 
kerberos with windows clients?






More information about the Kerberos mailing list