@Test public void kerberosTicket() throws Exception { setupRealmUser(); KerberosContainer kdc = startKdc(); configureSso(kdc, false); jenkins.logout(); // Get TGT String tokenCache = kdc.getClientTokenCache(); // Correctly negotiate in browser FirefoxDriver negotiatingDriver = getNegotiatingFirefox(kdc, tokenCache); negotiatingDriver.get(jenkins.url("/whoAmI").toExternalForm()); String out = negotiatingDriver.getPageSource(); assertThat(out, containsString(AUTHORIZED)); // The global driver is not configured to do so jenkins.visit("/whoAmI"); // 401 Unauthorized assertThat(driver.getPageSource(), not(containsString(AUTHORIZED))); // Non-negotiating request should fail as well assertUnauthenticatedRequestIsRejected(getBadassHttpClient()); }