when authenticating from outside receiving two login pages. Receiving a 302 temporary move which looses the username and password. Need second authentication to log in. Where in the configuraiton files can we alter the 302 temporary move to an internal forward instead.
Thanks for contacting us direct so we can support you directly on this additional use cases so we can properly assist you.
Answers.atlassian.com is not the place for a custom config/network specific solution. As you know, the initial authenticator was per your site.
Our confluence is set up as such:
Standalone Confluence 3.5.13 (one server) - a separate SQL server 2005
Open to outside access. When a user tries to access confluence from outside receive an initial login screen.
upon entering login information. Then prompted to enter login information again, then authenticated to confluence.
When watching wireshark - see severl 302 temporarily moved lines. I read that when you receive a 302 temporarily moved - the kerberos authentication is lost. Documentatio mentions that we should use internal forwards instead, which would keep the username and password information.
If this is the case, what needs to be entered and where is this entered
We have done some serious packet watching and testing inside, outside, even on a computer that was inside but not in the domain. Here is where we are:
Can the Kerberos authenticator either:
- Permit NTLM as well or
- Drop the negotiation and only allow basic and Kerberos?
When accessing the site with Internet Explorer either outside or on a machine that is not in the domain you get the initial IE preferred authentication “ntlm”, then the authenticator rejects this and a new window pops up requesting “basic” authentication and success……
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG