Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SAML authentication prompting for Basic Auth instead of using cert for IWA #1261

Open
avoidwork opened this issue Sep 24, 2018 · 7 comments

Comments

@avoidwork
Copy link

commented Sep 24, 2018

Description

My MBP with latest brave stable & dev is prompting for basic auth during SAML dance, even though Apple's Enterprise Connect is running.

Steps to Reproduce

  1. Login to any application using SAML

Actual result:

dn3dfh9xuaa1gkf

Expected result:

Apple's Enterprise Connect handles the certificate, and basic auth challenge doesn't happen.

Reproduces how often:

Easily reproduced

Brave version (chrome://version info)

Brave | 0.55.6 Chromium: 70.0.3538.16 (Official Build) dev (64-bit)
Revision | 16ed95b41bb05e565b11fb66ac33c660b721f778-refs/branch-heads/3538@{#306}
OS | Mac OS X

Reproducible on current release:

Yes

Website problems only:

  • Does the issue resolve itself when disabling Brave Shields? No
  • Is the issue reproducible on the latest version of Chrome? No

Additional Information

Okta(.com) in use.

@diracdeltas

This comment has been minimized.

Copy link
Member

commented Sep 25, 2018

I don't have a test site for SAML implementations, but I did check that client cert auth works in Brave using the test at badssl.com

screen shot 2018-09-25 at 2 12 21 pm

@bbondy bbondy added this to the 1.x Backlog milestone Sep 30, 2018

@rebron rebron modified the milestone: 1.x Backlog Feb 7, 2019

@mukuld

This comment has been minimized.

Copy link

commented Jul 16, 2019

+1. I have the same issue. When a computer is a part of the enterprise domain, the authentication should just work seamlessly.

I am on the latest and greatest stable version as of today: Version 0.66.100 Chromium: 75.0.3770.142 (Official Build) (64-bit)

@avoidwork

This comment has been minimized.

Copy link
Author

commented Jul 17, 2019

I forgot about this issue; I had to stop using brave because it was too intrusive.

@mukuld

This comment has been minimized.

Copy link

commented Jul 23, 2019

That's interesting. The browser claims to be non-intrusive. What do you mean by it was too intrusive. Anyhow, I found some hacks that work to make the browser enterprise friendly. Now, if only the development team would implement these in the prodution version. I have documented it on my website.

using a hack creates a problems with upgrades as every upgrade breaks the hack and we have to redo again.

@avoidwork

This comment has been minimized.

Copy link
Author

commented Jul 23, 2019

Intrusive by disrupting the authentication mechanism & requiring me to put keyboard focus where it previously wasn't needed, and then entering a passphrase. The password prompt is a failover for the IWA.

@avoidwork

This comment has been minimized.

Copy link
Author

commented Jul 23, 2019

imagine browsing a large wiki and opening tabs, and each tab wants a basic auth challenge fulfilled.

@mukuld

This comment has been minimized.

Copy link

commented Jul 23, 2019

Ah, I understand the challenges. I had the same challenges on my corporate intranet and federated sites (and there are a lot in my environment). However, the workaround I documented works like a charm. I have been using Brave for the past week or so and have not looked back. It is very fast, smooth and looks great!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
6 participants
You can’t perform that action at this time.