Problem with kerberos authentication and ajax
Hello, i'm using LemonLDAP-ng 1.9.14 with nginx. I'm trying to configure the authentication with the "multi" configured as follows : Kerberos;LDAP I would to like to get authenticated "automatically" with kerberos and fall back to ldap (with form, i would prefer to avoid the authentication popup) if no kerberos.
I can't get to work Kerberos authentication with ajax enabled, the server logs first show that i'm correctly authentified : FastCGI sent in stderr: "[notice] Lemonldap::NG : toto@REALM.LOCAL authentified by Kerberos (10.x.y.z)" while reading response header from upstream, client: 10.x.y.z, server: auth.xxx.fr, request: "GET /?kerberos=1 HTTP/1.1",
Then immediately :
FastCGI sent in stderr: "[notice] Lemonldap::NG : Kerberos authentication has failed, back to portal (10.x.y.z)" while reading response header from upstream, client: 10.x.y.z, server: auth.xxx.fr, request: "POST /?url=aHR0cHM6Ly9tYWJlbGxldXJsLm1vbmJlYXVkb21haW5lLmNvbS8= HTTP/1.1"
And i'm back to the form so i have to authenticate with LDAP(which works)
What works : LDAP with form, Kerberos with ajax disabled, but if kerberos auth cannot be performed, i get a http authentication popup (i'm not sure i can get rid of that ?)
I use the last versions of firefox and chrome with the proper configuration to enable kerberos authentication.