SSO with SPNego using a port number in SPN
Looking for some advice or someone who has previously made this work who can provide a little direction.
Have a dev/qa server running multiple J2EE/Portal systems that I would like to get SPNego SSO working on each of the systems.
I picked up a 1/2 done (by previous Basis admin) SPNego SSO setup at my current employer, the config was trying to use port numbers in the SPN, but it was failing to work. I dropped the setup back a step so that the SPN in Windows 2003 domain just used the host name & configured just one system with SPNego and the SSO started working perfectly (for that one system)
As the subject says I'd like to configure my SPNego SSO into portal against specific ports numbers because I have multiple non-production systems sharing the one server.
At the moment the SPN in Windows2003 AD is configured just against the host name ->
So only one Portal works with SSO.
This also means I can't configure any other system for SPNego SSO at that host, since duplications in an SPN isn't allowed. What I'd like to do is include port numbers into the SPN, which will allow me to configure SPNego for more than one system on my dev & test server ->
Has anyone successfully done this before? Any tips/advice? When troubleshooting previously when port numbers were in our SPNs it seemed as though SAP was not aware of the port number at all, there was no reference to port at all in any J2EE/Portal logs I was looking through, just the SPN against the host name.
I found a MS KB article which points to an IE 6 bug - http://support.microsoft.com/?id=908209 - not sending port number during logon, this might be my fix, BUT I'm running IE7 so no idea if it's relevant or how to apply it to IE7?
From the SAP notes end of things I can't find anything about using port numbers in SPNs for SPNego.
Hopefully someone has made this work previously!