[Freeipa-devel] [PATCH] automatic browser config
Rob Crittenden
rcritten at redhat.com
Wed Dec 12 16:39:00 UTC 2007
Karl MacMillan wrote:
> On Wed, 2007-12-12 at 09:37 -0500, Rob Crittenden wrote:
>> Add automatic browser configuration for kerberos SSO using javascript.
>>
>> This uses the UniversalPreferencesWrite function to set the browser
>> preferences to allow negotiation and ticket forwarding in the IPA domain.
>>
>> A self-signed certificate is generated to sign the javascript.
>>
>> This will only display and work on modern gecko-based browsers.
>>
>
> This worked for me (once a minor typo was fixed) - pushed. A few
> questions:
>
> 1) How will this work when a user provides their own certs? Is there an
> easy way for them to re-sign the jar or do we need to provide a tool to
> help them do that?
I guess we'd need to add the ability to import a pkcs#12 signing cert
too. Then write a short script to do the signing.
> 2) Can we force a reload after configuration - currently it says success
> but nothing happens.
I might be able to redirect them after the dismiss the alert box. I'll
look into it.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20071212/af9fefd2/attachment.bin>
More information about the Freeipa-devel
mailing list