Appendix E. Configure Browsers for Spnego Negotiation

Appendix E. Configure Browsers for Spnego Negotiation
Prev	Part IV. Appendices

E.1 Firefox

Complete following steps to ensure that your Firefox browser is enabled to perform Spnego authentication.

Open Firefox.
At address field, type about:config.
In filter/search, type negotiate.
Parameter network.negotiate-auth.trusted-uris may be set to default https:// which doesn’t work for you. Replace this with your server address.

E.2 Chrome

With Google Chrome you generally need to set command-line parameters order to white list servers with Chrome will negotiate.

--auth-server-whitelist="*.example.com"
--auth-negotiate-delegate-whitelist="*.example.com"

You can see which policies are enable by typing chrome://policy/ into Chrome’s address bar.

With Linux Chrome will also read policy files from /etc/opt/chrome/policies/managed directory.

mypolicy.json.

{
  "AuthServerWhitelist" : "*.example.org",
  "AuthNegotiateDelegateWhitelist" : "*.example.org",
  "DisableAuthNegotiateCnameLookup" : true,
  "EnableAuthNegotiatePort" : true
}

E.3 Internet Explorer

Complete following steps to ensure that your Internet Explorer browser is enabled to perform Spnego authentication.

Open Internet Explorer.
Click Tools > Intenet Options > Security tab.
In Local intranet section make sure your server is trusted by i.e. adding it into a list.

Prev	Up
Appendix D. Troubleshooting	Home