Re: iceweasel: Kerberos authentication does not work
Lars-Johan Liman <firstname.lastname@example.org> writes:
> It turns out that there has been a microscopic change in the
> interpretation of the
> key between Iceweasel 2.x and 3.x. In my version 2.0 config I had set
> network.negotiate-auth.trusted-uris https:
> but it turns out that that is not sufficient to trigger the Kerberos
> behaviour in Iceweasel 3.0, but when I changed it to
> network.negotiate-auth.trusted-uris https://
> (note the trailing double-slash) it just started working again.
Oh. Yes. The matching logic there has been very badly underdocumented.
> And, BTW, it is not necessary to set the
> key to any value. The "trusted-uris" is sufficient - at least in my
> case. :-)
Right, I was talking about the other way around (the original message
mentioned setting only delegation-uris, not trusted-uris, IIRC). You
generally do not want to set delegation-uris unless you have a specific
need, and you *never* want to set it to a wildcard like https://.
Russ Allbery (email@example.com) <http://www.eyrie.org/~eagle/>