10.2.13.4. Browser configuration

The following chapter describes how to configure the browsers that they request Kerberos tickets from the Active Directory Domain Controller and send it to Airlock IAM. The example illustrates what must be configured for the domains https://a.airlock.com and https://b.airlock.com.

Internet Explorer

  • 1.
    Open the Internet options dialog
  • 2.
    Switch to the tab Advanced
  • 3.
    Enable the checkbox Enable Integrated Windows Authentication (a restart is required).
  • 4.
    Switch to the tab Security
  • 5.
    Select the zone Trusted sites
  • 6.
    Click on Custom level
  • 7.
    Scroll down to User Authentication > Logon and enable to Automatic logon with current user name and password. Afterwards click on OK.
  • 8.
    Click on Sites
  • 9.
    Add the websites to the list (in this example those would be: https://a.airlock.com and https://b.airlock.com)
  • 10.
    Click on Close and afterwards OK to close the Internet options

Google Chrome

The Google Chrome Browser uses the same settings as Internet Explorer. After configuring Internet Explorer correctly, Front-side Kerberos with Google Chrome should work as well.

Mozillla Firefox

  • 1.
    Open Firefox and navigate to about:config
  • 2.
    Click on I accept the risk when the warning appears
  • 3.
    Search for negotiate
  • 4.
    Double click the Preference Name network.negotiate-auth.trusted-uris to edit the setting
  • 5.
    Enter a comma-separated list of the trusted websites
    (in this example those would be: https://a.airlock.com and https://b.airlock.com)
  • 6.
    Click on OK and close the browser tab of about:config