Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

How I can configure trusted URL sites by Group Policy?

  • 3 uphendule
  • 1 inale nkinga
  • 1702 views
  • Igcine ukuphendulwa ngu Mike Kaply

strelkovandrey
strelkovandrey
more options

I download Firefox 60. Download ADMX, but I can't found options similar trusted.uris how from about:config. I found only: Authentication_SPNEGO, Authentication_Delegated, Authentication_NTLM.

If I insert links of my sites LDAP authorization in these settings, then the browser, when I try to open them, will still request a login with a password If I manual add ulr to about:config -> trusted:uris - Then everything is successfully authorized

I download Firefox 60. Download ADMX, but I can't found options similar trusted.uris how from about:config. I found only: Authentication_SPNEGO, Authentication_Delegated, Authentication_NTLM. If I insert links of my sites LDAP authorization in these settings, then the browser, when I try to open them, will still request a login with a password If I manual add ulr to about:config -> trusted:uris - Then everything is successfully authorized

Isisombululo esikhethiwe

The trusted-uris preference is SPNEGO, so if you configure SPNEGO, you are configuring those URLS. From the documentation here:

https://developer.mozilla.org/en-US/docs/Mozilla/Integrated_authentication

"network.negotiate-auth.trusted-uris lists the sites that are permitted to engage in SPNEGO authentication with the browser"

Funda le mpendulo ngokuhambisana nalesi sihloko 👍 1

All Replies (3)

Mike Kaply
Mike Kaply
  • Top 25 Contributor
  • Moderator
more options

Isisombululo Esikhethiwe

The trusted-uris preference is SPNEGO, so if you configure SPNEGO, you are configuring those URLS. From the documentation here:

https://developer.mozilla.org/en-US/docs/Mozilla/Integrated_authentication

"network.negotiate-auth.trusted-uris lists the sites that are permitted to engage in SPNEGO authentication with the browser"

strelkovandrey
strelkovandrey Umnikazi wombuzo
more options

Thanks! Got it!

Only there was one nuance... I configured:

network.negotiate-auth.delegation-uris network.negotiate-auth.trusted-uris

to http:// (our sites in intranet without Interner connection, and we trust to all our http:// sites =) )

Our site authentication by kerberos.

And when I open any sites in developer tools - Network tab I see that all links / resources first get 401 error and only after the site tries to download all the links received in response 401 errors, only then it starts to load them again but it seems on behalf of the current user and then everything is fine - 200 code.

In the access logs the web server and it turned out that the first treatment went anonymously on all links, and only then on behalf of the current user

Okulungisiwe ngu strelkovandrey

Mike Kaply
Mike Kaply
  • Top 25 Contributor
  • Moderator
more options

If you're thinking this is a bug, please open a bugzilla bug. Thanks!