Login/Register
Internet Explorer always using NTLM instead of Kerberos
Asked Answered
internet-explorerauthenticationkerberosntlmwebhdfs
A

0

7

I am trying to browse my HDFS system from internet explorer but for some reason it is always using NTLM instead of Kerberos, so I receive the message

GSSException: Defective token detected (Mechanism level: GSSHeader did not find the right tag)

If I browse from Firefox (after setting the properties network.auth.use-sspi=false and network.negotiate-auth.trusted-uris=https://pd-vrt-21488) everything works fine.

In IE I added https://pd-vrt-21488:50470 to the list of local intranet sites and enabled “Integrated Windows Authentication”.

Looking at the request by using Fiddler I see the difference between Firefox using Kerberos and IE using NTLM. Firefox header: 

Authorization: Negotiate YIICyAYGKwYB .....much more character.....V2HbPG57vXnQ7Vm7ba7MTJ7qzJ7zA7+1foY=

IE header:

Authorization: Negotiate TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw==

Any ideas what’s wrong ?

Asperse answered 22/4, 2016 at 12:42 Comment(4)
Did you test it in a different machine?Barricade
I used different client machines.Asperse
@Asperse Did you find any solution?Augur
wireshark can help identify the issue because it can decode the tokenTyphus

© 2022 - 2024 — McMap. All rights reserved.