Crazy IE Bug
Wednesday, March 15, 2006This one was really frustrating. The behavior seemed bizarre, some people could login, some people couldn't.
Here's the situation:
- Using Internet Explorer,
- on a Kerberos-enabled Windows domain,
- access a website that is
- specified in the trusted sites zone, and
- Enable Integrated Windows Authentication is checked.
- Trying to access the site over standard HTTP instead of HTTPS (i.e., not over SSL), results in a Server Not Found error - DNS error
- Once on an SSL connection, form data simply will not POST (The POST Method Does not Work if You are using Kerberos Authentication)
- When not in SSL-mode, IE can't (or won't) connect to the Kerberos server, which is actually the server not found. The problem is that our solution needed to allow people to connect either way, and then be redirected to SSL. However, whether SSL or not, the user has to be authenticated first, which this bug prevented when not in SSL mode.
- Then the user gets an additional login form, which mind-bogglingly just does nothing!
1 Comment
- David LaRocque: Turns out disabling Kerberos in IIS took care of the whole problem. But hey, now you know how to fix it when you can't control the server! (commented on 3/30/2006 3:33:25 PM)
Comments are closed for this article.