Kerberos not working with session upgrade
Concerned version
Version: 2.0.6
Platform: Nginx
Summary
Using Combination (Kerberos+LDAP) and Kerberos with AJAX.
When using session upgrade (in the context of a SAML request with ForceAuthn=TRUE), Kerberos authentication is not automatically reused to refresh the session.
Logs
The Kerberos AJAX request hits /, but since a session already exists, nothing happens.
Possible fixes
My current solution is to slightly change the behavior in kerberos.js so that:
- It sends the AJAX request to /upgradesession instead of /
- The user gets redirected to / instead of POSTing the upgradesession form, which in turn triggers autoredirect and allows the SAML flow to complete