[38362] in Kerberos
Make Windows Firefox Use Ticket gained via OpenConnect VPN Connection
daemon@ATHENA.MIT.EDU (chiasa.men)
Sat Oct 20 16:11:04 2018
From: "chiasa.men" <chiasa.men@web.de>
To: kerberos@mit.edu
Date: Sat, 20 Oct 2018 22:09:57 +0200
Message-ID: <25678829.3fpAYYNG7q@march>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
I have an openconnect server where I can login with kerberos credentials (the
vpn server basically also works as proxy to the kdc within said vpn - more
detailed description: https://access.redhat.com/blogs/766093/posts/1976663)
Now I can connect with a windows machine (using openconnect-gui) with my
kerberos credentials. Which works.
The next step shall be to use the gained ticket further for webservices within
that vpn. How can I tell the browser (e.g. Firefox) to use the ticket gained
by openconnect? Is there any way to achieve this?
I also installed the MIT Kerberos Ticket Manager for Windows. Here (https://
community.hortonworks.com/content/kbentry/28537/user-authentication-from-
windows-workstation-to-hd.html) is desribed that it is possible to use that
Manager with firefox in order to authenticate to webservices. Although I
haven't been able to accomplish that, would it be possible to tell MIT
Kerberos Ticket Manager to use the Ticket of the vpn login?
Is there already a 'usual way' to achieve something like sso via vpn with
kerberos with windows clients?
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
