I belive you are using websphere. The installations docs mention that you need to set some property in Websphere so that it does not add s=certain HTTP headers which cause that issueLook for CookiesConfigureNoCache in admin_guide.pdfHave you done that
Also regarding debugging the Firefox Kerberos issue can you follow the steps mentioned ar http://bretm.wordpress.com/2009/02/18/debugging-firefox-gssapi/. Should be similar for windows and post the log. Also refer to https://developer.mozilla.org/en/HTTP_LoggingI am intrested in knowing why it did n...
It might help. For SPNEGO to work there are two channels of communication-> client-> LC-> client -> ADSo capturing traffic at two end should help to get some clue. What happens when you access using FF. Are there any logs in server with the logging turned on as you mentioned in your earlier post?
Good to know things started working in some cases. For FireFox it should have worked with the configuration you didCan you check the network traffic using Wireshark and see for messages related to kerberos. Should indicate or give a hint on whats going wrongAlso what is your client os.
SPNEGO based SSO would only work with Microsoft Active Directory and not with any other directory server like LDAP. With OpenLDAP you would have to rely on username/password based authenticationThe Header based SSO requires a Third Party Security Product like Netigrity which handles the SSO.
Deleting the domain does not delete the associated content with that domain. Instead the related content is marked as obsolete and is not taken into consideration for most cases.So there must be a diff reason for the task being assigned to the System context account