home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
MIME-Version: 1.0 From: Adi Leica <adileica@gmail.com> Date: Mon, 30 Nov 2015 00:20:08 +0100 Message-ID: <CAFHvvKZLj5VpHjDuorsPYK+oZiN+pZVWtFvtKsSPrUy3OUZhAw@mail.gmail.com> To: kerberos@mit.edu Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: kerberos-bounces@mit.edu Hello Kerberos Community. At the organisation where I work we are trying to achieve SSO authentication using Kerberos mechanism on the following setup: - physical load-balancer (machine1) receiving incoming http sessions, but redirecting the traffic to a WebLogic Server (machine2). The application deployed on the WLS instance is the one expected to allow or disallow a user to login, but the exposed URL is the one of the frontend Load Balancer. The Service Account in MS AD has an account with the logon HTTP/ machine1.mydomain.com@mydomain.com Is this correct ? Our WebLogic instance has the keytab of machine1 as a parameter, but is not able to allow automatic login for users. We only managed to make it work with an SPN of HTTP/ machine2.mydomain.com@mydomain.com and accesing the URL exposed by machine2, but this is not what we want. Thank you in advance for any advice about what we might be missing. Regards, Adrian ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
home | help | back | first | fref | pref | prev | next | nref | lref | last | post |