Tuesday, 19 June 2012
Configuring Firefox to work with SPNEGO / Kerberos
I've spoken and presented at length on the solution to provide desktop Single Sign-On (SSO) between Microsoft Windows and WebSphere Application Server: -
and made reference to the option to also configure Mozilla Firefox to support SPNEGO via the network.negotiate-auth.trusted-uris property
However, what I hadn't mentioned was that one can add multiple sites into this field.
What I'd failed to remember is that the separator to be used is a comma (,) - which explained why SSO wasn't working for the second and third sites :-)
Thankfully, this site - Enabling NTLM Authentication (Single Sign-On) in Firefox - came to the rescue. Since Matt Sivel wrote his post, Mozilla have deprecated the network.automatic-ntlm-auth.trusted-uris setting, replacing it with network.negotiate-auth.trusted-uris.
However, Matt's point about the comma saved me :-)