Hello,
I'm trying to convince Firefox 3.0.14 to send a Kerberos token. I have configured the service correctly and IE will send a Kerberos token (i.e. starting YI..), but after adding the hostname to the network.negotiate-auth.trusted-uris and network.negotiate-auth.delegation-uris settings in about:config, Firefox only sends an NTLM token. Here's the (cut down) output from Live Headers:
to server ->
GET /testsso.jsp HTTP/1.1
<- from server
HTTP/1.x 401 Unauthorized
WWW-Authenticate: Negotiate
to server ->
GET /testsso.jsp HTTP/1.1
Authorization: Negotiate TlxxxxxxxxQ=
<- from server
HTTP/1.x 401 Unauthorized
WWW-Authenticate: Negotiate
The server is only interested in a Kerberos token, i.e. one starting in YI, so issues the Unauthorized on the second request, at which point Firefox gives up.
I'm using Windows 2003. Any thoughts?
J