-
Bug
-
Resolution: Obsolete
-
Major
-
EAP_EWP 5.1.2
-
None
-
jbossas-web-5.1.2-7.ep5.el6.noarch
jboss-security-negotiation-2.0.3-2.SP3.3.ep5.el6.noarch on
Red Hat Enterprise Linux Server release 6.2 (Santiago)
with java-1.6.0-openjdk-1.6.0.0-1.41.1.10.4.el6.x86_64
-
NEW
We currently have a web application that runs in JBoss Web 5.1.2 (installed via rpms on rhel6) that uses the JBoss negotiation (that ships with JBoss Web 5.1.2) to do GSSAPI authentication for our application.
Everything works fine in Firefox, but in Chrome, when a user tries to log in using GSSAPI authentication, they simply get an empty HTML page response with an HTTP code of 200 back from the JBoss server. This is on a Linux desktop (haven't tested with Windows).
This is also reproducible with the JBoss Negotiation Toolkit, and with different applications.
I haven't delved much deeper, but it looks like JBoss Negotiation just always assumes the GSSAPI is wrapped in SPNEGO, whereas I think Chrome does its request with raw KRB in SPNEGO instead (I could be wrong about this).
We would expect JBoss EWP 5 to be able to work with GSSAPI authentication in both Firefox and Chrome (in addition to other supported browsers).
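To check which framing a given browser actually sends, the base64 token from its `Authorization: Negotiate` request header can be classified by the mechanism OID at the start of the GSS-API token. The following is an added example, not part of the original report and not JBoss Negotiation code; the function names are hypothetical and the sample tokens are constructed.

```python
import base64

# DER-encoded mechanism OIDs: tag 0x06, length, value.
SPNEGO_OID = bytes.fromhex("06062b0601050502")      # 1.3.6.1.5.5.2 (RFC 4178)
KRB5_OID = bytes.fromhex("06092a864886f712010202")  # 1.2.840.113554.1.2.2 (RFC 4121)
NTLM_SIG = b"NTLMSSP\x00"


def _after_der_length(buf, pos):
    """Return the offset just past the DER length field that starts at pos."""
    first = buf[pos]
    if first < 0x80:              # short form: one byte
        return pos + 1
    count = first & 0x7F          # long form: next `count` bytes hold the length
    if count == 0 or count > 4:
        raise ValueError("unsupported DER length")
    return pos + 1 + count


def classify_negotiate(header_value):
    """Name the mechanism framing of an 'Authorization: Negotiate' value."""
    scheme, _, b64 = header_value.strip().partition(" ")
    if scheme.lower() != "negotiate" or not b64.strip():
        return "not-negotiate"
    try:
        token = base64.b64decode(b64.strip(), validate=True)
        if token.startswith(NTLM_SIG):
            return "ntlm"
        if token[0] != 0x60:      # GSS-API InitialContextToken: [APPLICATION 0]
            return "unknown"
        oid_at = _after_der_length(token, 1)
    except (ValueError, IndexError):
        return "malformed"
    if token.startswith(SPNEGO_OID, oid_at):
        return "spnego"
    if token.startswith(KRB5_OID, oid_at):
        return "raw-kerberos"
    return "unknown"


def sample_header(oid, padding=0):
    """Constructed test input: GSS-API framing plus filler, not a real ticket."""
    body = oid + b"\x01\x00" + bytes(padding)
    n = len(body)
    der_len = bytes([n]) if n < 0x80 else b"\x82" + n.to_bytes(2, "big")
    return "Negotiate " + base64.b64encode(b"\x60" + der_len + body).decode()
```

Running `classify_negotiate` on the header value captured from each browser's request shows whether the server is being handed an SPNEGO-wrapped token or a bare Kerberos one.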