Can you explain what the curl command does? And what about the version number 2.101? Is this the ipa version?
# curl -s --negotiate -u : https://f0.cockpit.lan/ipa/json \ --header 'Referer: https://f0.cockpit.lan/ipa' \ --header "Content-Type: application/json" \ --header "Accept: application/json" \ --data '{"params": [["HTTP/[email protected]"], {"raw": false, "all": false, "version": "2.101", "force": true, "no_members": false}], "method": "service_add", "id": 0}' Fuji On Thu, Oct 22, 2015 at 2:24 PM, Stef Walter <[email protected]> wrote: > On 22.10.2015 12:11, Fujisan wrote: > > The step described here > > (http://cockpit-project.org/guide/latest/sso.html) are exactly the steps > > I do to configure FreeIPA to SSO with kerberos. > > > > If I create a kerberos ticket with "kinit admin", when I go to > > http://ipasrv/ipa/ui with firefox from my desktop (ipa client), I am > > logged in without username/password. > > > > But when I go to http://ipasrv:9090 with firefox (cockpit is installed > > on the ipa server), cockpit asks me for a username and password. > > And I log in as root. > > > > On the ipa server, I can run > > > > $ getent passwd [email protected] <mailto:[email protected]> > > smith:*:1002:1025:John Smith:/home/smith:/bin/bash > > > > $ host -t SRV _kerberos._udp.example.com <http://udp.example.com> > > _kerberos._udp.example.com <http://udp.example.com> has SRV record 0 100 > > 88 zaira.example.com <http://zaira.example.com>. > > > > On my desktop, firefox is configured|like this: > > > > network.negotiate-auth.trusted-uris user set string > > .example.com <http://example.com>| > > > > So I must be missing something. > > There's some further info here: > > > https://github.com/cockpit-project/cockpit/blob/master/HACKING.md#setting-up-single-sign-on > > Does that help? > > Stef > > _______________________________________________ > cockpit-devel mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/cockpit-devel >
_______________________________________________ cockpit-devel mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/cockpit-devel
