Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
tutorial:adm:sso_ad_domain [2019/10/04 09:06] kopro [Enable authentication in browsers] add information about automatic logon |
tutorial:adm:sso_ad_domain [2020/02/11 07:23] doischert |
||
---|---|---|---|
Line 2: | Line 2: | ||
CzechIdM supports Single-Sign-On of the AD domain users. The mechanism uses web server, which handles the Kerberos authentication and provides the login of the authenticated user in the HTTP header. Then CzechIdM processes this header and authenticates the user automatically. | CzechIdM supports Single-Sign-On of the AD domain users. The mechanism uses web server, which handles the Kerberos authentication and provides the login of the authenticated user in the HTTP header. Then CzechIdM processes this header and authenticates the user automatically. | ||
+ | |||
+ | <note important> | ||
If the user is the Application Admin (e.g. has assigned the role superAdminRole), | If the user is the Application Admin (e.g. has assigned the role superAdminRole), | ||
Line 89: | Line 91: | ||
</ | </ | ||
- | Add Kerberos configuration and setting the '' | + | Add Kerberos configuration and setting the '' |
< | < | ||
< | < | ||
Line 103: | Line 105: | ||
| | ||
+ | |||
+ | < | ||
+ | Satisfy Any | ||
+ | </ | ||
</ | </ | ||
This configuration enables **Negotiate** (the users logged in domain computer will be automatically authenticated - this must be enabled in the browser), as well as **Basic Auth** (the user, who is not logged in domain computer, will be first prompted for username and password with the message " | This configuration enables **Negotiate** (the users logged in domain computer will be automatically authenticated - this must be enabled in the browser), as well as **Basic Auth** (the user, who is not logged in domain computer, will be first prompted for username and password with the message " | ||
Line 176: | Line 182: | ||
* '' | * '' | ||
+ | ===== See also ===== | ||
+ | [[9.7: |