SSO Tournai - BLOCKER: challenge WWW-Authenticate
- client et serveur authentic (avec backend Kerberos) semblent correctement configures - le navigateur accepte les challenges WWW-Authenticate depuis l'IdP (option Firefox network.negotiate-auth.trusted-uris) - le cache de tickets est rempli avec un ticket valide pour un user principal present dans l'AD - la configuration krb5 cotes poste client et serveur IdP semble correcte - le fichier keytab de l'AD a ete copie sur le serveur IdP et renseigne a authentic via l'option KRB5_KTNAME TODO: debugger l'erreur django_kerberos "Access unauthorized please refresh your ticket cache "
This commit is contained in:
parent
b12bdc366d
commit
4120634eb6
19
doc.md
19
doc.md
|
@ -2624,6 +2624,25 @@ Valid starting Expires Service principal
|
|||
05/15/2017 15:16:37 05/16/2017 01:16:37 krbtgt/ENTROUVERT.LOCAL@ENTROUVERT.LOCAL
|
||||
renew until 05/16/2017 15:16:34
|
||||
|
||||
|
||||
installation de django_kerberos ?
|
||||
|
||||
BLOCKER :
|
||||
TemplateDoesNotExist at /accounts/kerberos/login/
|
||||
|
||||
django_kerberos/unauthorized.html
|
||||
|
||||
FIX: reinstallation de django_kerberos
|
||||
|
||||
|
||||
Authentic2 - phyhost
|
||||
Homepage
|
||||
Access unauthorized please refresh your ticket cache
|
||||
|
||||
LA RFC est claire à ce sujet:
|
||||
The 401 (Unauthorized) response message is used by an origin server
|
||||
to challenge the authorization of a user agent.
|
||||
|
||||
//CURRENT2
|
||||
|
||||
## Etude synchro brouillon
|
||||
|
|
Reference in New Issue