Simple app and scripts used to test Kerberos auth on Chrome and WebView.
See the next section for more info about the app.
ninja -C out/Debug spnego_authenticator_apk adb install -r out/Debug/apks/SpnegoAuthenticator.apk
$CHROMIUM_SRC/tools/android/kerberos/negotiate_test_server.py
With command line arguments
$CHROMIUM_SRC/build/android/adb_chrome_public_command_line \ '--auth-server-whitelist="*" \ --auth-spnego-account-type="org.chromium.tools.SpnegoAuthenticator"'
By setting policies
The policies to set are:
*
org.chromium.tools.SpnegoAuthenticator
To set them you have to be able to set restrictions for apps on the device. This can be achieved using the TestDPC app (Play store, Github), which is made for testing enterprise related Android features, including app restrictions.
Set it up, then search for Chrome under “Manage app restrictions”, tap “Load manifest restrictions” and change the value for the restrictions mentioned above.
8080
to localhost:8080
should be prefilledThis app declares and sets up an account type to be used for Negotiate auth. When Chrome makes a request for the org.chromium.tools.SpnegoAuthenticator
account type, it returns the dummy account, allowing Chrome to continue the request.
See Writing a SPNEGO Authenticator for Chrome on Android on chromium.org for more information.