Questions tagged [single-sign-on]

Single Sign On is a technology that allows a single login to be transparently used with multiple applications and environments.

Single Sign On (SSO) is a technology that allows the transparent use of a single username and password in multiple security domains. It is commonly used as part of a greater framework which unites otherwise separate systems into a single virtual login domain. SSO systems may be purely web-based or client-based.

A variety of technologies can be used to build SSO systems.

347 questions
0 votes, 0 answers

Azure AD Kerberos decryption key rollover; new-azureADSSOAuthenticationContext; using token instead of pscredential

We do the 30 days Kerberos decryption key rollover process automated by using an "encrypted" password stored within a text file to create the necessary PSCredential object for the PowerShell command new-azureADSSOAuthenticationContext. This works -…
John Ranger
0 votes, 0 answers

Is it possible to add Google single sign on to specific 365 users, NOT the whole tenant?

We've got a client with a satellite office outside of the US, and it's not connected to their AD server. As such, changes to their 365 passwords are not synced like the home office does, and it gets to be a real hassle when they're trying to login…
NC666
0 votes, 1 answer

basic understanding about kerberos sso in apache

I'm trying to configure kerberos sso in apache at the moment. On the test server the website sub.internal.local works quite well in reference to the kerb sso. When I try to adopt the config to another apache server, which is opened via…
horst
0 votes, 1 answer

OpenCms: Kerberos SSO authentication with httpd+Tomcat

I have a standalone httpd+Tomcat 8.5.65 installation on OpenJDK 11 with OpenCms 11.0.2 for my client's internal website. They have a LDAP network and they're requesting the automated logon using Kerberos (krb5). We configured SPNego and it works on…
user3804769
0 votes, 0 answers

Login to SSL VPN via SSO and then use SSO inside VPN for other Service Providers possible?

I have a setup where you authorize via SAML SSO (keycloak as idp) to access a SSL VPN (fortigate as sp). Now inside the VPN there are authorization reverse proxy servers. Is it possible to have the same SSO automatically authorize users to the proxy…
cu 29p
0 votes, 2 answers

ADFS as proxy to some IDP

As far as I know, Exchange does support WS-Federation, but it does not support SAML. At the same time I have IDP that does support SAML, but does not support WS-Federation. Is it possible to configure ADFS as proxy? For example: Exchange OWA/ECP ->…
Oleksii
0 votes, 1 answer

SAML 2.0 NameIDPolicy that was not satisfied by the issued token

I am working on a SAML integration with some monitoring software, but I keep receiving the MSIS7070 error below. I have tried numerous transform combinations with no luck. I am certain this is something relatively easy to fix, but my AD FS knowledge…
0 votes, 1 answer

What is the proper way to use IIS to forward the REMOTE_USER header to Tomcat?

I am trying to set up SSO with IIS 10 and Tomcat 9. I want to use Windows Authentication in IIS and pass the authenticated username to Tomcat. I had this working with Tomcat 8.5, however after upgrading to Tomcat 9 I can't get the…
0 votes, 0 answers

IIS: Kerberos authentication only works from local machine

I'm setting up an IIS application on a server within my domain. I configured SPNs and settings to allow windows authentication to work with kerberos and Single Sign On, and everything works fine on my local machine. The problem is that whenever I…
0 votes, 1 answer

IDP initiated SSO does not work on Win server 2016

I am trying to setup IdP initiated SSO on Windows Server 2016. I have configured the Relying party trust and the claim rules as well. I enabled the IdP Sign on page following -…
0 votes, 1 answer

Single Sign On in Solarwinds Security events manager (SEM)

I am having an issue where I am getting a prompt from SEM web gui to provide my credentials. I provide credentials (we use both tokens and passwords). It does not fail unless I close the prompt. LDAP works fine. I have a CA that I signed the ssl…
0 votes, 0 answers

Single sign on with Samba AD DC, Linux servers, GSSAPI/Kerberos and Windows clients that are not joined to the domain

Setup We have: a machine running Samba 4 on Debian Buster as AD DC. another Debian Buster machine running Samba 4 as file server, joined to the domain with net join and using winbind for authentication (let's call this FILE). a third Debian Buster…
0 votes, 2 answers

How to have only one login for multiple websites on the same linux machine?

I'm having multiple websites (like mediawiki, gitea and kanboard) and I'm thinking about making the login the same on all services. But how do I do that? I looked at AD but I read that it's Windows only? I also heard about "FreeIPA" but I read that…
0 votes, 2 answers

Configuring Azure Console for _external_ authentication/SSO/IdP?

I'm looking for pointers on how to configure Azure "IAM" to trust an external IdP/Authentication server.... am trying to find my way around the docs for Azure which is... not easy. Help would be more than appreciated... Some more context: The…
JJarava
0 votes, 0 answers

AzureAD OpenID Connect JWT "platf" claim value

I am setting up an application that will use AzureAD as an OpenID Connect IDP for authentication. I want to know if the authenticating device is an AzureAD "managed" or "compliant" device at the application level by checking the returned JWT access…