Wiki source code of Firefox mit NTLM-Authentifizierung für Single Sign-On
Show last authors
| author | version | line-number | content |
|---|---|---|---|
| 1 | {{content/}} | ||
| 2 | |||
| 3 | If you would like to use NTLM authentication for signing in to forms directly from within Firefox, you need to modify some settings. | ||
| 4 | |||
| 5 | == Option 1 – Changing the NTLM settings manually == | ||
| 6 | |||
| 7 | {{figure image="ntlmfirefox1en.png"}} | ||
| 8 | When opening the advanced settings, Firefox warns you about voiding your warranty. | ||
| 9 | {{/figure}} | ||
| 10 | |||
| 11 | {{figure image="ntlmfirefox4en.png"}} | ||
| 12 | The advanced settings in Firefox, with the relevant entries for enabling NTLM support. | ||
| 13 | {{/figure}} | ||
| 14 | |||
| 15 | 1. Start Firefox and open the advanced settings by entering //about:config// into the address bar, and press enter. | ||
| 16 | 1. Firefox now warns you that this might void your warranty. Click on //I accept the risk!//. | ||
| 17 | 1. Use the search bar to search for //ntlm//. | ||
| 18 | 1. Click twice on the entry //network.automatic-ntlm-auth.trusted-uris// to modify its value. | ||
| 19 | 1. Enter the server address of the NTLM server in the dialog that opens. If you want to enter more than one server, do so by separating them with a comma. For example: //http:~/~/myserver_1, http:~/~/myserver_2//. In case you want allow an entire domain, this can be achieved like this: //http:~/~/.myDomain.dom//. Wildcards such as a star ({{{*}}}) or a question mark ({{{?}}}) are not supported. | ||
| 20 | |||
| 21 | The following steps apply only to Firefox 13 and higher. | ||
| 22 | |||
| 23 | (% start="6" %) | ||
| 24 | 1. Click twice on the entry //network.automatic-ntlm-auth.allow-non-fqdn//, if its value is not set to //true// already. It should now be set to //true//. | ||
| 25 | 1. Use the search bar to search for //negotiate//. | ||
| 26 | 1. Click twice on the entry //network.negotiate-auth.allow-non-fqdn//, if its value is not set to //true// already. It should now be set to //true//. | ||
| 27 | 1. Click twice on the entry //network.negotiate-auth.trusted-uris// and enter your domain. | ||
| 28 | |||
| 29 | Now restart Firefox and you are done. | ||
| 30 | |||
| 31 | == Option 2 – Batch script == | ||
| 32 | |||
| 33 | {{figure image="ntlmfirefox2.png"}} | ||
| 34 | A simple batch script that add the settings automatically. Note that this will not work when the default settings have already been modified. Save this script with the extension //*.cmd//. | ||
| 35 | {{/figure}} | ||
| 36 | |||
| 37 | For companies it may be desirable to apply the required settings via a batch script automatically. | ||
| 38 | |||
| 39 | Mozilla Firefox saves its settings in the file //prefs.js//, located at //%APPDATA%\Mozilla\Firefox\Profiles\profilname.default//. | ||
| 40 | |||
| 41 | The profile name is a random string consisting of 8 letters and digits. When the settings have not yet been modified via the configuration page, they can be added with the following batch script. Firefox should be closed when executing the script. | ||
| 42 | |||
| 43 | {{code language="batch"}} | ||
| 44 | cd /D "%APPDATA%\Mozilla\Firefox\Profiles\*.default" | ||
| 45 | echo user_pref("network.automatic-ntlm-auth.allow-non-fqdn", true);>>prefs.js | ||
| 46 | echo user_pref("network.automatic-ntlm-auth.trusted-uris", "http://meinserver_1,http://meinserver_2");>>prefs.js | ||
| 47 | echo user_pref("network.negotiate-auth.allow-non-fqdn", true);>>prefs.js | ||
| 48 | echo user_pref("network.negotiate-auth.trusted-uris", ".myDomain.dom");>>prefs.js | ||
| 49 | {{/code}} |