Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Kerberos is a network authentication protocol designed by the Massachusetts Institute of Technology (MIT) for SSO in client-server environments, while SPNEGO (Simple and Protected GSS-API Negotiation Mechanism) extends Kerberos SSO to web applications.  

This plugin source code is available in a new open source repository at https://github.com/jogetoss/. JogetOSS is a community-led team for open source software related to the Joget no-code/low-code application platform. Projects under JogetOSS are community-driven and community-supported, and you are welcome to contribute to the projects.


Test Environment

...

  • Windows Server COMPUTER NAME is WIN-TKDH9LCHUUO 

  • WINDOWS DOMAIN is windows.local

  • DOMAIN USER is joget

  • JOGET DOMAIN is joget.windows.local

     


Info
  • This article assumes familiarity with the basics of Windows Server and Windows 10 system and network administration

  • This setup is tested within a local VirtualBox environment. Actual setup on a different environment should be adapted accordingly.

...

3.1 Upload Kerberos Directory Manager Plugin

  1. Download the Kerberos the Kerberos Directory Manager plugin from the Joget Marketplace and upload it in Settings > Manage Plugins. 

...

  1. In Settings > General Settings, set the API Domain Whitelist to * to allow SSO requests to the Kerberos Directory Manager. 

...


4. Setup Client PC for SSO

...

  1. In IE, click on Internet Options > Security > Local intranet site > Advanced and add the Joget domain e.g. http://joget.windows.local  

4.3 Test the SSO

  1. If using Using the Kerberos Directory Manager plugin approach, access http://joget.windows.local/jw/web/json/plugin/org.joget.plugin.kerberos.KerberosDirectoryManager/service to SSO.If using the Spring Security Kerberos Extension approach, access http://joget.windows.local/jw/web/sso to SSO. 

    Info

    Please note that for the SSO to work properly:

    • the client PC and Joget server must reside on different machines

    • the Windows server and client PC must reside on the same Windows domain

...

...