[Webkit-unassigned] [Bug 20203] WebKit does not delegate Kerberos credentials negotiation
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Nov 11 19:04:53 PST 2009
https://bugs.webkit.org/show_bug.cgi?id=20203
Andrew Kerr <andrew.kerr33 at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |andrew.kerr33 at gmail.com
--- Comment #3 from Andrew Kerr <andrew.kerr33 at gmail.com> 2009-11-11 19:04:53 PST ---
I can confirm the same issue using Safari 4.03 on Mac OS X 10.6.
To reproduce the problem, you need:
- Safari
- A front-end web app which support Kerberos authentication
- A back-end server which supports Kerberos authentication
Safari can successfully authenticate via Kerberos to the front-end web app. But
the front-end is *not* able to successfully delegate those same credentials to
access authenticated services on the back-end server.
By comparison, Firefox will also successfully authenticate to the front-end web
app, as long as the web app's URL is included in Firefox's
network.negotiate-auth.trusted-uris setting. If that was the only setting you
changed in Firefox, then it would behave the same as Safari. BUT, if you also
include the web app's URL in Firefox's network.negotiate-auth.delegation-uris,
the web-app starts successfully authenticating to the back-end server.
So the difference appears to be the network.negotiate-auth.delegation-uris
setting in Firefox. Whatever FF does in relation to this setting seems to be
the thing that Safari isn't doing.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list