Page 1 of 1
Single Sign On Question
Posted: Thu Sep 10, 2015 9:35 am
by sscanlon
Hi - Have a question about single sign on.
I see the Doco page for altering the conf file to enable Kerberos Authentication. After making this change - what happens if the kerberos authentication fails? Is the user then presented with a sign on screen? If not, is there a way to configure it so that this happens?
Thank you.
Re: Single Sign On Question
Posted: Mon Sep 14, 2015 4:48 pm
by Scott Klement
You could try the "KerberosOrBasic" AuthType. That might allow it to fall back to prompting the user for a userid/password if Kerberos authentication fails? I can see that option in the documentation, here:
http://www-01.ibm.com/support/knowledge ... 23authtype
Keep in mind that Kerberos support is not a part of Profound UI, rather it is a part of the IBM HTTP Server (powered by Apache) that is included with the operating system. You can use it with Profound UI, of course, because Profound UI runs on the IBM HTTP Server. However, since it is really an IBM feature rather than a Profound feature, I am not an expert :-)
I can see there is an option of "AuthType KerberosOrBasic", but I haven't tried it myself, and in fact I don't have access to a Kerberos environment that I can try it with. So please check out the IBM docs and see if they help you. If not, please contact
support@profoundlogic.com so that we can look into it further.
Re: Single Sign On Question
Posted: Fri Sep 18, 2015 9:00 am
by sscanlon
Thank you for the reply Scott. Waiting to get the service principals added to AD and then will give it a shot.