waffle_negotiate failing with fully qualified machine name URLs

Jul 7, 2011 at 9:02 PM


Versions tested ( 1.4 with Tomcat 6.0.x) and ( waffle version for Tomcat 7.0.x). The issue is occuring on both versions.

For e.g. my IP address and machine name is wmid100.main.company.com

I have tried both urls in both IE 8 and Firefox 4 after adding both servers to Local Intranet-> Sites and it works fine(displays user name) from my local machine


However, when I ask my colleagues to test it out from their machines which is in the same intranet ( they added urls to Local Intranet Sites and IWA turned on) only the first link works, the second one always responds back with a challenge. Is there any set up that I am missing in the second case? Please advise and thanks very much in advance.

P.S. For Chrome browsers is there any set up similar to IE/Firfox?



Jul 8, 2011 at 2:38 PM

Start by going through the Troubleshooting Negotiate section. It also talks about how to configure Firefox. Would be nice if you wrote up how to do this in Chrome once you have it working, thx.

Jul 8, 2011 at 9:01 PM

Seems this is related to the issue mentioend here ( http://waffle.codeplex.com/discussions/254748 ).

Do we need to do anything extra with Tomcat server other than creating a SPN with the following command?

setspn -A HTTP/<server-fqdn> <user_tomcat_running_under>


Please advise - thanks very much

Jul 9, 2011 at 2:59 PM

In theory no, but many other things can and will go wrong ;) Let us know how it goes.