e mi dava più soddisfazioni che un homeless. Ma ha fatto i soldi e si è comprato un mac, il traditore.
Ok guys. I’ve got something smart to write, at last.
Let’s say your boss has a brilliant idea:
«WTF, we’ve got Active Directory, we could open Internet Explorer and get into our webservers without having to authenticate!»
Let’s say you had implemented Apache with SSL on a Windows Server. Eurk.
Let’s say you managed to discover that you have to load mod_auth_sspi into Apache.
And so far, Internet Explorer is giving a freaky “Error 401: Authorization Required!” while Firefox, Opera etc. are gently fallbacking to basic auth.
The deadline is coming… you are sweating… You have spent the whole weekend googling to figure that sh*t out…
Well, what happened to me was: as soon as I heard the Boss’ footsteps, I remembered having laughed at three lines in the OpenSSL module configuration…
…YEAH! SSPI works as a charm, it’s the SSL conf the problem!
Leave SSPI alone, my dears, ’cause you only have to comment the
BrowserMatch *MSIE* blabla
directive in Apache’s SSL conf.
Then it’s only a matter of cleaning Internet Explorer’s cache and you’ll enter your website without having to type in anything.
Of course it’s still smarter to use Firefox/Opera/Safari, but the boss is pleased and smiling. W00t!
Questo blog è pubblicato sotto una Licenza Creative Commons.
Viene aggiornato senza alcuna periodicità, la frequenza dei post non è prestabilita e non può considerarsi un prodotto editoriale né è contraddistinto da una testata giornalistica ai sensi della legge n. 62 del 07/03/2001.
In altre parole, puppate.
Thank you sooooooooooooooo much! I searched for two days for a solution and finally i had just to comment out those lines
Hi Marzo,
Great post.. so does it mean the SSPI wont work without SSL?
I have a similar setup where I am working to Single sign On for an Intranet site. Ideally domain users should be authorized against AD over LDAP and log in transperantly.
I have tried different things but getting the 401 Authorization Error. I din’t setup SSL over Apache though, is it the missing piece?
Yes, SSPI only works over SSL.
Maybe you could find useful this webpage: http://tortoisesvn.net/docs/release/TortoiseSVN_en/tsvn-serversetup-apache.html#tsvn-serversetup-apache-7
Cheers