• 0

Determining if Kerberos auth would be successful using JavaScript

Asked by @Leo,

 Share

Question

Rising Star

@Leo

Posted
Posted

Hi guys,

I have the following scenario: The user requests a web page. He is redirected to a landing page which should determine if the user can successfully authenticate using a Kerberos ticket. If he can, then he should be redirected to his originally requested page. If he can't, I do not wish the user to see the regular browser credentials window, but instead be redirected to a log-in page (after which he will be redirected to his originally requested page).

Any idea how I can test in JS if authentication would be successful and then make the decision then?

Any other ideas would be welcome as well. My server-side will be written in PHP.

Thanks,

6 answers to this question

Recommended Posts

  • 0
Grand Master

Boz

Posted
Posted
  On 25/07/2011 at 07:57, DerpDerp said:

Hi guys,

I have the following scenario: The user requests a web page. He is redirected to a landing page which should determine if the user can successfully authenticate using a Kerberos ticket. If he can, then he should be redirected to his originally requested page. If he can't, I do not wish the user to see the regular browser credentials window, but instead be redirected to a log-in page (after which he will be redirected to his originally requested page).

Any idea how I can test in JS if authentication would be successful and then make the decision then?

Any other ideas would be welcome as well. My server-side will be written in PHP.

Thanks,

You can use JQuery/Ajax and run the PHP script. If successful do one thing if not do another and you can do this JQuery callback

You can use these:

http://api.jquery.com/jQuery.get/

http://api.jquery.com/jQuery.post/

http://api.jquery.com/jQuery.ajax/

  • 0
Rising Star

@Leo

Posted
  • Author
Posted

Thanks for your answer!

Would a XMLHttpRequest suffice?

But correct me if I'm wrong, aren't these HTTP authentications a little ping-pong game? 401 first, then retry then so and so on. Wouldn't the AJAX request stop and fail on the first 401?

Thanks,

  • 0
Rising Star

@Leo

Posted
  • Author
Posted
  On 26/07/2011 at 08:28, C:Amie said:

You need to catch the status code back from the XMLHttpRequest before you execute your client code against the return value (i.e. look for a 200 code). You need to add handlers for other relevant status codes.

Yes, but would catching the initial return code not yield the initial 401 before the ping-pong of authentication (in my case either Kerberos or NTLM)?

  • 0
Experienced

C:Amie

Posted
Posted

The web server shouldn't return from its script process until it has an authentication decision. If for some reason you have an asynchronous kerberos proces going on, you'll just have to re-send the request on receipt of a 401 with a longer wait timer defined at the server

This topic is now closed to further replies.
 Share
Go to question listing

  • Recently Browsing   0 members

    • No registered users viewing this page.