57.4 Enabling the Browser to Return Kerberos Tokens

You can configure the Internet Explorer or Mozilla Firefox browsers to return Kerberos tokens.

Perform the appropriate procedure on all Active Directory servers. Use either of the following procedures to configure the browsers.


With Internet Explorer browsers, Integrated Windows Authentication is enabled by default and you might not need any changes to the default configuration for WNA to work.

57.4.1 Enabling Kerberos Tokens in Internet Explorer

You can enable Kerberos token in Internet Explorer.

To enable Kerberos token:

  1. On a Windows host in the Active Directory domain, sign in as a domain user.
  2. Open the Internet Explorer browser.
  3. From the Tools menu, click Internet Options, click Security, click Local Intranet, click Advanced.
  4. On the Advanced tab, Security section, check the box beside Enable Integrated Windows Authentication, and click OK.
  5. Add Oracle Access Manager CC host or domain name to Local Intranet zone (use the format http://node.host:port (the port is not required)). For example:
  6. Restart the Internet Explorer browser to enable the change.

57.4.2 Enabling Kerberos Tokens in Mozilla Firefox

You can enable Kerberos tokens in Mozilla Firefox.

To enable Kerberos tokens:

  1. In the browser Address bar, enter about:config.
  2. Add Oracle Access Manager CC host or domain name under network.negotiate-auth.trusted-uris as: network.negotiate-auth.trusted-uris=http://oam11g.example.com

    Multiple URIs are separated with a comma.