Enable integrated authentication

Overview

To use the Web Console with seamless SSO authentication via Kerberos you need to ensure integrated authentication is enabled in your browser and the Web Console is white-listed.

This process varies between browsers.

Internet Explorer and Edge

To configure integrated authentication Internet Explorer or Edge you need to configure the Windows internet options to add the Web Console address to the local Intranet security zone.

To do this, follow the steps:

  1. Open the Internet Options window.
  2. Navigate to Security > Local Intranet.
  3. Click Sites.
  4. Click Advanced.
  5. Add the Web Console address https://<hostname>:8080to the zone.

Note: You can access the Internet Options window from either Internet Explorer or from the Windows control panel.

Chrome

To configure integrated authentication in Chrome you need to add the Web Console address https://<hostname>:8080 to the AuthServerWhitelist and AuthNegotiateDelegateWhitelist in Chrome.

In Windows if the AuthServerWhitelist and AuthNegotiateDelegateWhitelist have not been set, Chrome defaults to allowing authentication from servers listed in Local Machine or Local Intranet security zone as specified in the Windows internet options.

For more information about integrated authentication in Chrome see the Chromium design documents.

Firefox

To configure integrated authentication in Firefox:

  1. Open about:config
  2. Add the Web Console address https://<hostname>:8080 to the exceptions lists:
    • network.negotiate-auth.trusted-uris
    • network.negotiate-auth.delegation-uris

For more information about integrated authentication in Firefox see the Mozilla developer documentation.