Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-9941: Why is IWA not working for Firefox after upgrading to version 58?

Centrify Identity Service, App Edition ,   Centrify Identity Service, App Plus ,   Centrify Identity Service, Mac Edition ,  

30 March,18 at 10:57 PM

Question: 



Why is IWA not working for Firefox after upgrading to version 58?



Answer:



Firefox v58+ now requires SPNEGO for silent authentication where as before this was an optional step.

Configuring Firefox (Windows & Mac)

To configure silent authentication in Firefox using network.negotiate-auth.allows-non-fqdn:

1 Open Firefox.

2 Type about:config as the target URL.

3 Type neg in the Filter field.

4 Select network.negotiate-auth.allow-non-fqdn. If it is set to false, right-click and select Toggle. If it is already set to true, do not change it.

5 This is now a required step.  Select and right click network.negotiate-auth.trusted-uris and select Modify. Enter a comma-separated list of the fully qualified domain name for each connector as string values, then click OK.
   For example, if you have two connectors —hosta.mycompany.com and hostb.mycompany.com— you click Modify, enter the following and click OK.
   hosta.mycompany.com,hostb.mycompany.com

The less-secure alternative would be to enter just the domain name. For example, you would click Modify, enter something like *.mycompany.com and click OK.

6 Close the about:config tab and close Firefox.

Note: For security reasons, be as restrictive as possible in specifying the comma-separated lists. 

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.