Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Cleaning up note.

This commit is contained in:
WalkerWatch 2018-08-29 12:15:37 -04:00
parent 1383f60249
commit 88363dd3c1
1 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
jetty-documentation/src/main/asciidoc/configuring/security/spnego-support.adoc
View File

@ -153,21 +153,21 @@ The follows steps have been required to inform Firefox that it should use a nego
The follows steps have been required to inform Internet Explorer that it should use a negotiation dialog to authenticate. The follows steps have been required to inform Internet Explorer that it should use a negotiation dialog to authenticate.
1. Tools -> Options -> Security -> Local Intranet -> Sites (everything should be checked here) 1. Tools -> Options -> Security -> Local Intranet -> Sites (everything should be checked here)
2. Tools -> Options -> Security -> Local Intranet -> Sites -> Advanced (add url to server (http:// and/or https:// use the hostname!) 2. Tools -> Options -> Security -> Local Intranet -> Sites -> Advanced (add url to server (`http://` and/or `https://` -- use the hostname, not the IP)
3. Tools -> Options -> Security -> Local Intranet -> Sites -> Advanced -> Close 3. Tools -> Options -> Security -> Local Intranet -> Sites -> Advanced -> Close
4. Tools -> Options -> Security -> Local Intranet -> Sites -> Ok 4. Tools -> Options -> Security -> Local Intranet -> Sites -> Ok
5. Tools -> Options -> Advanced -> Security (in the checkbox list) 5. Tools -> Options -> Advanced -> Security (in the checkbox list)
6. Locate and check 'Enable Integrated Windows Authentication' 6. Locate and select `Enable Integrated Windows Authentication`
7. Tools -> Options -> Advanced -> Security -> Ok 7. Tools -> Options -> Advanced -> Security -> Ok
8. Close IE then reopen and browse to your Spengo protected resource 8. Close IE then reopen and browse to your Spengo protected resource
____
[NOTE] You *must* use hostname and not the IP.
You must go to the hostname and not the IP. If you use the IP it will default to NTLM authentication.
If you go to the IP it will default to NTLM authentication...the following conditions must be true for Spnego authentication to work: The following conditions must be true for Spnego authentication to work:
* You must be within the Intranet Zone of the network * You must be within the Intranet Zone of the network
* Accessing the server using a Hostname rather than IP * Access the server using a Hostname rather than IP
* Integrated Windows Authentication in IE is enabled and the host is trusted in Firefox * Integrated Windows Authentication in IE is enabled and/or the host is trusted in Firefox
* The server is not local to the browser, it can't be running on localhost * The server is not local to the browser; it can't be running on localhost
* The client's Kerberos system is authenticated to a domain controller * The client's Kerberos system is authenticated to a domain controller
____