2:19 p.m.
Good day,
For sake of argument, assume that someone has set up a MS Active Directory
domain with Kerberos disabled, but NTLM still enabled. In that situation,
would a user browsing to a Keycloak-protected application, with LDAP+SPNEGO
enabled (against that MS AD system) still allow for Integrated Windows
Authentication (auto-login without prompt) to web application?
Thanks much,
Guy
10:47 a.m.
Good day,
For sake of argument, assume that someone has set up a MS Active Directory
domain with Kerberos disabled, but NTLM still enabled. In that situation,
would a user browsing to a Keycloak-protected application, with LDAP+SPNEGO
enabled (against that MS AD system) still allow for Integrated Windows
Authentication (auto-login without prompt) to web application?
Thanks much,
Guy
<re-sending today as same message yesterday didn't make it through to the
list>
2:05 a.m.
I afraid that it won't work ATM. You can create JIRA for this though.
However I am not sure if it's priority for us to do that.
Alternatively you can try to contribute this yourself. Maybe the only
required thing will be to add NTLM OID ( 1.3.6.1.4.1.311.2.2.10 ) to the
list here
https://github.com/keycloak/keycloak/blob/master/federation/kerberos/src/...
. However I afraid it likely won't be that easy...
Marek
On 28/06/16 17:47, Guy Davis wrote:
Good day,
For sake of argument, assume that someone has set up a MS Active
Directory domain with Kerberos disabled, but NTLM still enabled. In
that situation, would a user browsing to a Keycloak-protected
application, with LDAP+SPNEGO enabled (against that MS AD system)
still allow for Integrated Windows Authentication (auto-login without
prompt) to web application?
Thanks much,
Guy
<re-sending today as same message yesterday didn't make it through to
the list>
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
3270
days inactive
3272
days old
2 comments
2 participants
participants (2)
-
Guy Davis -
Marek Posolda