Меню

Ошибка spnego authentication is not supported on this client

http://www-01.ibm.com/support/knowledgecenter/SS7K4U_8.5.5/com.ibm.websphere.nd.doc/ae/tsec_SPNEGO_configweb_new.html

Complete the following steps to ensure that your Firefox browser is enabled to perform SPNEGO authentication.

  1. At the desktop, log in to the windows active directory domain.
  2. Activate Firefox.
  3. At the address field, type about:config.
  4. In the Filter, type network.n
  5. Double click on network.negotiate-auth.trusted-uris. This preference lists the sites that are permitted to engage in SPNEGO Authentication with the browser. Enter a comma-delimited list of trusted domains or URLs.

    Note: You must set the value for network.negotiate-auth.trusted-uris.

  6. If the deployed SPNEGO solution is using the advanced Kerberos feature of Credential Delegation double click on network.negotiate-auth.delegation-uris. This preference lists the sites for which the browser may delegate user authorization to the server. Enter a comma-delimited list of trusted domains or URLs.
  7. Click OK. The configuration appears as updated.
  8. Restart your Firefox browser to activate this configuration.
  • Remove From My Forums
  • Вопрос

  • I have a web application monitor that is throwing an odd error.  It tells me that the «Response Body Evaluation Result» is in error and when I check the response body, I get:

    <html><head><title>SPNEGO authentication is not supported.</title></head><body>SPNEGO authentication is not supported on this client.</body></html>

    The odd part is that the monitor is set up woth no authenticatin.  So, why am I getting theis error?

    Thank

    Bert

Ответы

  • It sounds like the server asks for negotiation of authentication (windows auth?) and since your client doesn’t use it, it gets an error. Maybe you would have to use windows auth with this site, in your synthetic test?

    • Помечено в качестве ответа

      1 мая 2014 г. 20:59

I am trying out the SPNEGO feature in Websphere 7. I want to allow basic authentication in case of client not supporting SPNEGO.

In my web.xml, I have

<login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>SampleApp Login</realm-name>
</login-config> 

In admin console of Websphere,

under Security -> Global Security -> Web and SIP security -> General settings, I have "Default to basic authentication when certificate authentication for the HTTPS client fails" checked,

and under Security -> Global Security -> Web and SIP security -> SPNEGO Web authentication, I have «Allow fall back to application authentication mechanism» checked.

When I am using client supports SPNEGO (e.g. IE) to access my web app, it seems fine. However, when I switch to clients that do not support SPNEGO (e.g. Firefox), it simply shows a message «SPNEGO authentication is not supported on this client.» , without prompting me for basic authentication.

Can anyone give me some hints on what I may have missed? Thanks a lot.

0 0 голоса
Рейтинг статьи
Подписаться
Уведомить о
guest

0 комментариев
Старые
Новые Популярные
Межтекстовые Отзывы
Посмотреть все комментарии

А вот еще интересные материалы:

  • Яшка сломя голову остановился исправьте ошибки
  • Ясность цели позволяет целеустремленно добиваться намеченного исправьте ошибки
  • Ясность цели позволяет целеустремленно добиваться намеченного где ошибка
  • Ошибка spn 84 fmi 2 камаз 4308
  • Ошибка srs cfff volvo s40