Configuring the client browser to use spnego.
配置客户端浏览器以使用spnego。
SPNEGO is an internationally recognized standard.
SPNEGO是得到国际认可的标准。
It is an unprotected URL to prevent SPNEGO authentication.
它是阻止SPNEGO认证的一个未受保护url。
We have configured SPNEGO solutions for such environments.
我们已经为此类环境配置过SPNEGO TAI解决方案。
Recommendation: Always access SPNEGO via a virtual host name
建议:始终通过虚拟主机名访问SPNEGO
To learn more, see: Single sign-on for HTTP requests using SPNEGO.
要了解更多信息,请参见:Single sign - on forHTTP requests using SPNEGO。
To ensure that your browser is enabled to perform SPNEGO authentication.
要确保浏览器已经启用了执行SPNEGO身份验证的选项,请执行以下步骤。
The idea here is to allow SPNEGO SSO access via all possible host names by.
这里的想法是,要运行通过所有可能的主机名进行SPNEGOSSO访问。
This section highlights the key parts of the SPNEGO authentication process.
此部分将重点介绍SPNEGO TAI身份验证流程的主要部分。
To confirm that SPNEGO works there, they add a third SPN for webserv1.ibm.net.
为了确认该SPNEGO在其中正常工作,为webserv1.ibm.net添加了第三个SPN。
The client re-submits the request with the Authorization header containing the SPNEGO header.
客户端重新提交请求,并提供包含SPNEGO 头的Authorization 头。
If the Web server understands the SPNEGO token, then this token is used to implement secure SSO.
如果Web服务器理解SPNEGO令牌,然后会将此令牌用于实现安全sso。
If you must use multiple SPNs within a SPNEGO configuration see When are multiple SPNs recommended?
如果必须在SPNEGO中使用多个SPN(有关建议采用这种方式的唯一情况,请参见何时建议使用多个SPN ?)
This preference lists the sites that are permitted to engage in SPNEGO authentication with the browser.
此首选项将列出浏览器中允许参加SPNEGO身份验证的站点。
If SSL client authentication is enabled, why are you also considering SPNEGO as an authentication mechanism?
如果启用了SSL客户端身份验证,为何还要考虑将SPNEGO作为身份验证机制使用?
In this architecture, we leverage WebSEAL's ability to perform SPNEGO authentication on incoming Web connections.
在此体系结构中,我们利用WebSEAL的功能来对传入Web连接执行SPNEGO身份验证。
Enter the IP address for the targeted access point as equal to someserver.ibm.net, then test SPNEGO SSO. For example.
输入目标访问点的IP地址(这里使用someserver.ibm.net),然后测试SPNEGOSSO。
We have deployed the SPNEGO solutions on real customer environments on most of the available supported WebSphere Application Server platforms.
我们已经在大多数可用的受支持WebSphere 平台上的真实客户环境中部署了SPNEGO TAI解决方案。
If the deployed SPNEGO solution USES the advanced Kerberos feature of credential delegation, double-click network.negotiate-auth.delegation-uris.
如果部署的SPNEGO解决方案使用信任委托的高级Kerberos特性,那么双击net work . negotiate - auth .delegation -uris。
If the deployed SPNEGO solution is using the advanced Kerberos credential delegation feature, double click on network.negotiate-auth.delegation-uris.
如果所部署的SPNEGO解决方案使用高级Kerberos凭据委托功能,请双击net work . negotiate - auth .delegation - uris。
We usually see it occur when the system is built up from a single server, for example, wasserv1.ibm.net, and SPNEGO is configured on that single server.
我们通常发现,在以下情况下会出现这种配置:系统以单个服务器(例如,wasserv1.ibm.net)为基础构建,而SPNEGO配置于此服务器上。
It extracts and decrypts (this validates that it must have come from the TGS) the SPNEGO token to retrieve the user name and this user name is asserted to the server.
它提取并解密(这将验证其是否来自TGS)SPNEGO令牌,以检索用户名,并将此用户名断言到服务器。
Adds SPNEGO (Kerberos) functionality to allow users to authenticate to Web-based applications without being challenged after they have logged into their operating system.
添加spnego (Kerberos)功能,以允许用户对基于Web的应用程序进行身份验证,而不会在其登录到其操作系统时遇到困难。
In summary, the mapping of a user's principal name into a meaningful name to the WebSphere registry must be considered when planning a SPNEGO WebSphere Application Server deployment.
总的说来,在计划SPNEGO TAI部署时,必须考虑将用户的主体名称映射到WebSphere注册中心中的有意义的名称。
In summary, the mapping of a user's principal name into a meaningful name to the WebSphere registry must be considered when planning a SPNEGO WebSphere Application Server deployment.
总的说来,在计划SPNEGO TAI部署时,必须考虑将用户的主体名称映射到WebSphere注册中心中的有意义的名称。
应用推荐