Internet explorer rejects cookies in kerberos protected intranet sites
Posted
by remix_tj
on Server Fault
See other posts from Server Fault
or by remix_tj
Published on 2010-05-28T20:05:06Z
Indexed on
2010/05/28
20:12 UTC
Read the original article
Hit count: 303
I'm trying to build an intranet site using joomla. The webserver is using HTTP Kerberos authentication with mod_kerb_auth. Everything works fine, the users get authenticated and so on. But if i try to login to the administrator panel i can't because IE does not accept the needed cookies. No such problem with firefox. The intranet site is called "intranet_new" and is hosted by webintranet04, under the directory /var/www/vhosts/joomla/intranet_new/.
I have my virtualhost for intranet_new containing this:
<Location />
AuthType Kerberos
AuthName "Kerberos Login"
KrbMethodNegotiate On
KrbMethodK5Passwd On
KrbAuthRealms PROV.TV.LOCAL
Krb5KeyTab /etc/apache2/HTTP.keytab
require valid-user
</Location>
The same is for webintranet04 virtualhost, which is the default pointing to /var/www and contains:
<Location /vhosts/joomla/>
AuthType Kerberos
AuthName "Kerberos Login"
KrbMethodNegotiate On
KrbMethodK5Passwd On
KrbAuthRealms PROV.TV.LOCAL
Krb5KeyTab /etc/apache2/HTTP.keytab
require valid-user
</Location>
the very strange problem i have is that if i open http:// webintranet04/vhosts/joomla/intranet_new/administrator IE allows me to login, accepting cookie. If i open http:// intranet_new/administrator, instead, i loop on the login page.
Last, intranet_new is a CNAME record of webintranet04.
This is only an IE problem. I need: - the admin interface to work with IE - the "kerberized" zone to accept cookie, because i am deploying other programs requiring cookies.
© Server Fault or respective owner