Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

Authentication using Spnego

more options

We have developed a web application which supports integrated windows authentication using spnego.

For enabling integrated authentication on Mozilla firefox i have made followin configuration

network.negotiate-auth.trusted-uris = domain of the trusted uri network.negotiate-auth.allow-non-fqdn = false network.negotiate-auth.allow-proxies = true network.negotiate-auth.using-native-gsslib = true.

My application doesnt support ntlm so havent made any configuration related to that.

Everything works file inside local network. I mean the browser is able to get kerberos service token and send it to my application.

But when I hit the same trusted site outside local network I observed that it doesnt respond at all.

Below is the flow 1. I hit the trusted url from mozilla browser outside local network 2. My application challenges browser for service token with 401 Negotiate challenge 3. Browser tries to get service token but is unable to get it because its outside the domain(Local intranet) and cannot find kerberos server or KDC. 4. Browser doesnt respond at all. I was expecting that it will respond with empty service ticket.In IE I observed that it sends NTLM token.

I want to know why the browser is not responding and how should I handle such scenario ?

We have developed a web application which supports integrated windows authentication using spnego. For enabling integrated authentication on Mozilla firefox i have made followin configuration network.negotiate-auth.trusted-uris = domain of the trusted uri network.negotiate-auth.allow-non-fqdn = false network.negotiate-auth.allow-proxies = true network.negotiate-auth.using-native-gsslib = true. My application doesnt support ntlm so havent made any configuration related to that. Everything works file inside local network. I mean the browser is able to get kerberos service token and send it to my application. But when I hit the same trusted site outside local network I observed that it doesnt respond at all. Below is the flow 1. I hit the trusted url from mozilla browser outside local network 2. My application challenges browser for service token with 401 Negotiate challenge 3. Browser tries to get service token but is unable to get it because its outside the domain(Local intranet) and cannot find kerberos server or KDC. 4. Browser doesnt respond at all. I was expecting that it will respond with empty service ticket.In IE I observed that it sends NTLM token. I want to know why the browser is not responding and how should I handle such scenario ?

所有回覆 (1)

more options

Can you find anything useful in Firefox's error console? Ctrl+Shift+j to open. Typically it works best to Clear what's there and reload the page on which you want to take an action. See what errors/warnings/messages might be relevant, then submit the form/click the button that takes the non-working action and check for new errors/warnings/messages.