SSO waffle asking username and password
Asked Answered
N

2

7

I am trying to run demo of waffle 'waffle filter demo' download from http://repo1.maven.org/maven2/com/github/dblock/waffle/waffle-filter-demo/1.6/waffle-filter-demo-1.6.war

I am using tomcat as servlet container and deployed the war file.

When I try to access the server with URL http:// localhost:8080/waffle-filter-demo-1.6/ I am able to get authenticated through current windows login and my windows user is authenticated.

But when I access the same url using IP address http:// 192.168.2.63:8080/waffle-filter-demo-1.6/. Waffle is asking me to enter username and password.

Anyone came across this scenario before? How can I get authentication success by access using IP address?

No answered 15/5, 2014 at 10:15 Comment(2)
Actually I'm facing this problem. If you have more information by other hand please let me know. :)Smalt
I could not solve this, went with spnego and kerberosNo
S
8

I've solved this problem following https://community.jalios.com/jcms/jx_73408/en/windows-authentication-waffle-plugin-12?cid=jc_84212.

You have to configure the web browser in order for Windows authentication to be sent to remote HTTP server.

To configure Internet Explorer for automatic logon

Open the Internet Options dialog box by choosing Internet Options either from Control Panel or from the Tools menu in Internet Explorer. In the Internet Options dialog box, on the Security tab, select Local intranet, and then click Custom Level. In the Security Settings dialog box, under Logon, select Automatic logon only in Intranet zone, and then click OK. In the Internet Options dialog box on the Security Settings tab with Local intranet still selected, click Sites. In the Local intranet dialog box, click Advanced. In the next dialog box (also titled Local intranet), type the URL of your JCMS web site (for example, https://intranet.mycompany.com) in the Add this Web site to the zone box, and then click Add. In the Local intranet dialog, box click OK. In the original Local intranet dialog box, click OK. In the Internet Options dialog box, click OK.

Google Chrome

Google chrome is automatically configured to send the proper credential.

Firefox

The domain of the HTTP server must be added to the trusted domain for Negotiate authentication, using preference network.negotiate-auth.trusted-uris, either through about:config (in address bar) or in prefs.js (in user profil directory). Read Mozilla.org - Integrated Authentication for more information.

Smalt answered 22/5, 2014 at 3:44 Comment(0)
U
5

Internet Options from the Internet explorer is applicable for all the browsers. And so If the "Logon From Intranet " option is disabled, it will ask the User name and the password accross all the browsers . Solution : Go to Internet Options -> Security -> Custom Level -> Scroll To END ("User authentication") -> Choose either "Automatic logon only in Intranet zone" OR "Automatic logon with current user name and password" .

Sometimes "Automatic logon only in Intranet zone" doesnt work for IP address of other machines within the same network because the browser assumes it as the open IP(Internet).In this case add the ip of the target machine on "Sites"->Advanced. eg : https://10.11.12.13 in the list It should work now !

"Automatic logon with current user name and password" Should solve this issue for any machine across the internet/intranet.

Unreligious answered 12/10, 2015 at 15:7 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.