{"id":463,"date":"2023-06-28T16:22:13","date_gmt":"2023-06-28T13:22:13","guid":{"rendered":"https:\/\/itbru.ru\/?p=463"},"modified":"2023-06-28T16:22:13","modified_gmt":"2023-06-28T13:22:13","slug":"sso-%d0%b4%d0%bb%d1%8f-web-%d0%b4%d0%be%d1%81%d1%82%d1%83%d0%bf%d0%b0-%d0%ba-1%d1%81-double-hop-kerberos","status":"publish","type":"post","link":"https:\/\/itbru.ru\/index.php\/2023\/06\/28\/sso-%d0%b4%d0%bb%d1%8f-web-%d0%b4%d0%be%d1%81%d1%82%d1%83%d0%bf%d0%b0-%d0%ba-1%d1%81-double-hop-kerberos\/","title":{"rendered":"SSO \u0434\u043b\u044f web \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a 1\u0421. Double hop Kerberos."},"content":{"rendered":"\n

\u041e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0447\u0442\u043e \u0441\u0434\u0435\u043b\u0430\u0442\u044c SSO \u0434\u043b\u044f web \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a 1\u0421 \u043d\u0435 \u0442\u0430\u043a \u043f\u0440\u043e\u0441\u0442\u043e \u043a\u0430\u043a \u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c. \u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u043a\u043e\u0433\u0434\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 1\u0421 \u0438 Web-\u0441\u0435\u0440\u0432\u0435\u0440(IIS \u043f\u0440\u043e\u0441\u0442\u0438 \u0433\u043e\u0441\u043f\u043e\u0434\u0438) \u044d\u0442\u043e \u0440\u0430\u0437\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b, \u043f\u0440\u0438 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 «double hop», \u0438 \u0438\u0437 \u043a\u043e\u0440\u043e\u0431\u043a\u0438 SSO \u043d\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442. \u041c\u0430\u043a\u0441\u0438\u043c\u0443\u043c \u0447\u0435\u0433\u043e \u043c\u043e\u0436\u043d\u043e \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f — \u044d\u0442\u043e SSO \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 Internet Explorer \u0438\u043b\u0438 Edge \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 IE. \u0414\u043b\u044f \u0442\u043e\u0433\u043e \u0447\u0442\u043e-\u0431\u044b SSO \u0437\u0430\u0440\u0430\u0431\u043e\u0442\u0430\u043b \u0432 \u043d\u043e\u0440\u043c\u0430\u043b\u044c\u043d\u044b\u0445 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430\u0445 \u043d\u0443\u0436\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043a\u043b\u044e\u0447\u0435\u0439 \u0432 \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0438\u043b\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f ADMX-\u0448\u0430\u0431\u043b\u043e\u043d\u043e\u043c \u0434\u043b\u044f \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430.<\/p>\n\n\n\n

\u042f \u043f\u0440\u043e\u0441\u0442\u043e \u0441\u043e\u0437\u0434\u0430\u043b \u043a\u043b\u044e\u0447\u0438 \u0432 \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0434\u043b\u044f Edge \u0438 Chrome.<\/p>\n\n\n\n

Edge\nHKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Edge\n\u0421\u043e\u0437\u0434\u0430\u0435\u043c \u043a\u043b\u044e\u0447 AuthNegotiateDelegateAllowlist<\/strong> \u0441\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435\u043c DNS \u0438\u043c\u0435\u043d\u0438 Web-\u0441\u0435\u0440\u0432\u0435\u0440\u0430\n\u0421\u043e\u0437\u0434\u0430\u0435\u043c \u043a\u043b\u044e\u0447 AuthNegotiateDelegateWhitelist<\/strong> \u0441\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435\u043c DNS \u0438\u043c\u0435\u043d\u0438 Web-\u0441\u0435\u0440\u0432\u0435\u0440\u0430\n\nChrome\nHKEY_CURRENT_USER\\Software\\Policies\\Google\\Chrome\n\u0421\u043e\u0437\u0434\u0430\u0435\u043c \u043a\u043b\u044e\u0447 AuthNegotiateDelegateAllowlist<\/strong> \u0441\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435\u043c DNS \u0438\u043c\u0435\u043d\u0438 Web-\u0441\u0435\u0440\u0432\u0435\u0440\u0430\r\n\u0421\u043e\u0437\u0434\u0430\u0435\u043c \u043a\u043b\u044e\u0447 AuthNegotiateDelegateWhitelist<\/strong> \u0441\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435\u043c DNS \u0438\u043c\u0435\u043d\u0438 Web-\u0441\u0435\u0440\u0432\u0435\u0440\u0430<\/code><\/pre>\n\n\n\n
\u041f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u043c \u0431\u0440\u0430\u0443\u0437\u0435\u0440, \u0438 \u0435\u0441\u043b\u0438 \u0432\u0441\u0435 \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u043e\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043e \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e — SSO \u0437\u0430\u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0432 Edge \u0438 Chrome.<\/p>\n\n\n\n
\u0421\u0442\u0430\u0442\u044c\u044f \u043d\u0430 Microsoft:<\/p>\n\n\n\n
https:\/\/learn.microsoft.com\/ru-ru\/troubleshoot\/developer\/webapps\/iis\/www-authentication-authorization\/kerberos-double-hop-authentication-edge-chromium<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
\u041e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0447\u0442\u043e \u0441\u0434\u0435\u043b\u0430\u0442\u044c SSO \u0434\u043b\u044f web \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a 1\u0421 \u043d\u0435 \u0442\u0430\u043a \u043f\u0440\u043e\u0441\u0442\u043e \u043a\u0430\u043a \u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c. \u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u043a\u043e\u0433\u0434\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 1\u0421 \u0438 Web-\u0441\u0435\u0440\u0432\u0435\u0440(IIS \u043f\u0440\u043e\u0441\u0442\u0438 \u0433\u043e\u0441\u043f\u043e\u0434\u0438) \u044d\u0442\u043e \u0440\u0430\u0437\u043d\u044b\u0435…<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[75,74],"tags":[77,76,78,79,73],"class_list":["post-463","post","type-post","status-publish","format-standard","hentry","category-1c","category-sso","tag-1c","tag-chrome","tag-edge","tag-kerberos","tag-sso"],"_links":{"self":[{"href":"https:\/\/itbru.ru\/index.php\/wp-json\/wp\/v2\/posts\/463","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/itbru.ru\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/itbru.ru\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/itbru.ru\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/itbru.ru\/index.php\/wp-json\/wp\/v2\/comments?post=463"}],"version-history":[{"count":2,"href":"https:\/\/itbru.ru\/index.php\/wp-json\/wp\/v2\/posts\/463\/revisions"}],"predecessor-version":[{"id":465,"href":"https:\/\/itbru.ru\/index.php\/wp-json\/wp\/v2\/posts\/463\/revisions\/465"}],"wp:attachment":[{"href":"https:\/\/itbru.ru\/index.php\/wp-json\/wp\/v2\/media?parent=463"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/itbru.ru\/index.php\/wp-json\/wp\/v2\/categories?post=463"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/itbru.ru\/index.php\/wp-json\/wp\/v2\/tags?post=463"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}