AnsweredAssumed Answered

Skip credentials prompt on NTLM-SSO Fail

Question asked by rfras on Jan 19, 2017
Latest reply on Jan 19, 2017 by afaust

Alfresco Version: Community - 5.1.0 (r127059-b7)

 

I have managed to successfully configure passthru for Share-SSO against our ActiveDirectory. Domain authenticated Users can login without problems.

 

The problem I am faced with now lies with our customer's users, which we create directly in Alfresco. Whenever a non-domain user tries to open our Share-Site, he gets met with a credentials prompt. Using that prompt, it is impossible to login with anything but a domain user.
Even when using the SSO-bypass from the documentation (https://our.alfresco.page/share/page/type/login ), a non-domain user is met with a credentials prompt.


When canceling the prompt twice, the non-domain user is presented with a blank page (https://issues.alfresco.com/jira/browse/MNT-15841 like in this case. Although I now see that this seems to have been fixed in the 201612GA version).

 

My question is: is it possible to completely skip the credentials-prompt on authentication failure, meaning that external, non-domain users would always just get presented with the normal share login screen? Or is this a limitation of NTLM SSO and we would be better off using another SSO method (for example Kerberos)?

Outcomes