Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Documentation revision #108

Open
AlexElizard opened this issue Nov 13, 2020 · 2 comments
Open

Documentation revision #108

AlexElizard opened this issue Nov 13, 2020 · 2 comments

Comments

@AlexElizard
Copy link

AlexElizard commented Nov 13, 2020
edited
Loading

Examples of using nginx and kerberos for single-domain and multi-domain authentication were not presented.
I have shown examples in this question.

It should also be noted that auth_gss_allow_basic_fallback off does not work in browsers based on Chromium engines due to the way the Authentication: Negotiate header is handled.

Work tested on nginx 1.18.0, MIT KRB5 v1.12

Unfortunately, I can't think of how to put this in the documentation, so I didn't make a pull request.
@chaisacchu
Copy link

@AlexElizard We are planning for SSO against Active Directory so planning to use spnego with kerboros on nginx. Could you please provide me if any article on creating keytab file and configuration with example.

@AlexElizard
Copy link
Author

AlexElizard commented Dec 29, 2020
edited
Loading

@chaisacchu
I have not been involved in setting up AD, but our sysadmin used this article.
Here you can see the kerberos and nginx settings for the backend.
The question contains settings for single-domain authentication.
In the accepted answer for multi-domain authentication

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@AlexElizard @chaisacchu