The step described here (http://cockpit-project.org/guide/latest/sso.html) are exactly the steps I do to configure FreeIPA to SSO with kerberos.
If I create a kerberos ticket with "kinit admin", when I go to http://ipasrv/ipa/ui with firefox from my desktop (ipa client), I am logged in without username/password. But when I go to http://ipasrv:9090 with firefox (cockpit is installed on the ipa server), cockpit asks me for a username and password. And I log in as root. On the ipa server, I can run $ getent passwd [email protected] smith:*:1002:1025:John Smith:/home/smith:/bin/bash $ host -t SRV _kerberos._udp.example.com _kerberos._udp.example.com has SRV record 0 100 88 zaira.example.com. On my desktop, firefox is configured like this: network.negotiate-auth.trusted-uris user set string .example.com So I must be missing something. Regards, Fuji
_______________________________________________ cockpit-devel mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/cockpit-devel
