Tuesday, 4 December 2018

SPNEGO - Not working, now working

There's a theme to my blog posts these days: -

Docker for macOS - Broken, now fixed 

Maven and Spring and Liberty - Broken, now fixed 

Kerberos and Red Hat Enterprise Linux - Now friends

so this one is all about SPNEGO and Kerberos.

Having enabled WebSphere Application Server (WAS) 9 and Windows Server 2012 R2 to play nicely together with Kerberos/SPNEGO, I was STILL seeing a logon box in Internet Explorer 11: -




I'd already checked that Integrated Windows Authentication (IWA) was enabled; this now appears to be the default: -




*BUT* guess what I'd forgotten ?

Yep, I had NOT added the site: -

https://was.uk.ibm.com

to the appropriate zoneS in IE.

Now I'd already realised that IE11 no longer shows the internet/intranet/trusted zone in the status bar, BUT you can get a view using the [Alt] [F] [R] key sequence: -




Initially I added the site to the Trusted sites zone: -



but to no avail.

I then followed this: -

Configuring the client browser to use SPNEGO

and added the site to the Local intranet zone: -



which actually moves it from Trusted sites: -



and now it just works.


Nice :-)

No comments:

Reminder - installing podman and skopeo on Ubuntu 22.04

This follows on from: - Lest I forget - how to install pip on Ubuntu I had reason to install podman  and skopeo  on an Ubuntu box: - lsb_rel...