Bug 488086 - Fall back to username/password in web UI
Summary: Fall back to username/password in web UI
Keywords:
Status: CLOSED DUPLICATE of bug 646239
Alias: None
Product: freeIPA
Classification: Retired
Component: Documentation
Version: 1.2
Hardware: All
OS: Linux
low
medium
Target Milestone: v2 release
Assignee: David O'Brien
QA Contact: Chandrasekar Kannan
URL:
Whiteboard:
Depends On:
Blocks: 431020 489811 646217 646239
TreeView+ depends on / blocked
 
Reported: 2009-03-02 15:59 UTC by Rob Crittenden
Modified: 2015-01-04 23:36 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 646239 (view as bug list)
Environment:
Last Closed: 2011-01-14 03:32:42 UTC
Embargoed:


Attachments (Terms of Use)

Description Rob Crittenden 2009-03-02 15:59:04 UTC
Currently the web UI login will fail if kerberos negotiation fails. To have it fall back to have the browser pop up a username/password dialog, do the following:

- edit /etc/httpd/conf.d/ipa.conf
- In the section <ProxyMatch ^.*/ipa/ui.*$>
- Change KrbMethodK5Passwd from 'off' to 'on'
- /sbin/service restart httpd

Note that this change may not be preserved between IPA updates.

Comment 2 David O'Brien 2010-09-14 10:06:23 UTC
Is this still true with the revised web UI, with IPA 2.0, etc?

Comment 4 Dmitri Pal 2010-09-14 15:51:05 UTC
See ticket https://fedorahosted.org/freeipa/ticket/216

The way this is done is to set KrbMethodK5Passwd on in /etc/httpd/conf.d/ipa.conf and restart httpd. By default this is off. This is documented on the wiki.

Comment 5 Rob Crittenden 2010-09-14 19:33:55 UTC
Dmitri is right. You can skip the Proxy part in the previous instructions.

Note that this needs to be done on a per-server basis so if you have a number of replicas this needs to be done to all of them.

Comment 6 David O'Brien 2011-01-14 03:32:42 UTC

*** This bug has been marked as a duplicate of bug 646239 ***


Note You need to log in before you can comment on or make changes to this bug.