Configuring Kerberos single sign-on on the Windows client host
After you have configured Kerberos on the LSF and LSF Application Center hosts, the final step in the flow of enabling single sign-on with Kerberos is to configure Kerberos on the client host, which includes setting the browsers for Kerberos access on the client so that users can single sign on to LSF Application Center using Kerberos authentication.
Procedure
Configure browsers for Kerberos single sign-on access with SPNEGO authentication from a
Windows client:
- Mozilla Firefox:
- Open Firefox, and from the address field, type about:config.
- Accept the risk, if cautioned about changing advanced configuration preferences.
- In the search filed, type negotiate.
- Click the pencil icon to edit the network.negotiate-auth.trusted-uris
parameter to the LSF Application Center server host you want to authenticate against (for example,
myhost). - Click the check mark icon to save your settings.
- Internet Explorer, Microsoft Edge, and Google Chrome:
- Open the browser and select and then the Security tab.
- In the Local intranet section, click .
- In the Add this website to the zone field, add the LSF Application Center server host (for example, http://myhost) and click Add to add it to the Websites list. Adding the server host to this secure zone list ensures that is trusted.
- Click Close.
- In the Local intranet section, click Custom level, scroll to the User Authentication section, and enable Automatic logon with current user name and password.
- Click OK, and OK again, to save your settings and exit.