Help

SSO from third part application with kerberos enabled on Alfresco

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
deepak9batra
Member II
‎24 Dec 2017 3:45 PM

SSO from third part application with kerberos enabled on Alfresco

I am trying to login(thereafter search against the repository) from third party application against the kerberos enabled  alfresco through REST API.

Basic HTTP authentication is allowing me to do it but then it has its own negatives as I have to pass everything through the query parameters

But when I am trying to do through /alfresco/api/-default-/public/authentication/versions/1/tickets, it is giving me "Please log in" response in the browser, SSO is not happening that means. I have enabled CORS too in tomcat but I think that might not be the issue.

Is there a way we can do SSO from external application through REST API in a kerberos enabled alfrescos?

0 Kudos
1 Reply
afaust
Master
‎25 Dec 2017 7:56 PM

Re: SSO from third part application with kerberos enabled on Alfresco

The tickets API that you are calling has been explicitly defined to not require pre-emptive authentication, i.e. via SSO. It always requires user/password authentication via request parameters. Given the current API design, you cannot obtain a ticket when using Kerberos SSO (from the client against a Kerberos-enabled Alfresco), but you "should" be perfectly capable of using all regular APIs with the same Kerberos authorisation header without having to obtain a ticket first.

I put "should" in quotes because supporting SSO in all possible combinations is something that has been a bit of a problem across various versions, so I am not 100% sure.

0 Kudos
Alfresco Content Services Forum

Ask for and offer help to other Alfresco Content Services Users and members of the Alfresco team.

Related links:

We use cookies on this site to enhance your user experience

By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods).   If you are not ok with these terms, please do not use this website.