Rechercher

Ce contenu n'est pas disponible dans la langue sélectionnée.

A.3. Troubleshooting Firefox Kerberos Configuration

download PDF
If Kerberos authentication is not working, turn on verbose logging for the authentication process.
  1. Close all instances of Firefox.
  2. In a command prompt, export values for the NSPR_LOG_* variables:
    export NSPR_LOG_MODULES=negotiateauth:5
    export NSPR_LOG_FILE=/tmp/moz.log
  3. Restart Firefox from that shell, and visit the website where Kerberos authentication is failing.
  4. Check the /tmp/moz.log file for error messages with nsNegotiateAuth in the message.
There are several common errors that occur with Kerberos authentication.
No credentials found
-1208550944[90039d0]: entering nsNegotiateAuth::GetNextToken()
-1208550944[90039d0]: gss_init_sec_context() failed: Miscellaneous failure
No credentials cache found
This means that no Kerberos tickets are available (meaning that they expired or were not generated). To fix this, run kinit to generate the Kerberos ticket, and then open the website again.
Server not found in Kerberos database
-1208994096[8d683d8]: entering nsAuthGSSAPI::GetNextToken()
-1208994096[8d683d8]: gss_init_sec_context() failed: Miscellaneous failure
Server not found in Kerberos database
This means that the browser is unable to contact the KDC. This is usually a Kerberos configuration problem. The correct entries must be in the [domain_realm] section of the /etc/krb5.conf file to identify the domain. For example:
.example.com = EXAMPLE.COM
example.com = EXAMPLE.COM
No errors are present in the log
An HTTP proxy server could be stripping off the HTTP headers required for Kerberos authentication. Try to connect to the site using HTTPS, which allows the request to pass through unmodified.
Red Hat logoGithubRedditYoutubeTwitter

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Nous aidons les utilisateurs de Red Hat à innover et à atteindre leurs objectifs grâce à nos produits et services avec un contenu auquel ils peuvent faire confiance.

Rendre l’open source plus inclusif

Red Hat s'engage à remplacer le langage problématique dans notre code, notre documentation et nos propriétés Web. Pour plus de détails, consultez leBlog Red Hat.

À propos de Red Hat

Nous proposons des solutions renforcées qui facilitent le travail des entreprises sur plusieurs plates-formes et environnements, du centre de données central à la périphérie du réseau.

© 2024 Red Hat, Inc.