Joget DX 8 Stable Released
The stable release for Joget DX 8 is now available, with a focus on UX and Governance.
...
Kerberos is a network authentication protocol designed by the Massachusetts Institute of Technology (MIT) for SSO in client-server environments, while SPNEGO (Simple and Protected GSS-API Negotiation Mechanism) extends Kerberos SSO to web applications.
This plugin source code is available in a new open source repository at https://github.com/jogetoss/. JogetOSS is a community-led team for open source software related to the Joget no-code/low-code application platform. Projects under JogetOSS are community-driven and community-supported, and you are welcome to contribute to the projects.
Test Environment
Joget Server: Joget Workflow v5 Enterprise on Apache Tomcat 8 and Java 8
Windows Server: Windows Server 2012 R2 Datacenter (running on VirtualBox within a NAT Network, downloaded from https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2012-r2)
Windows Client PC: IE11 on Windows 10 (running on VirtualBox within a NAT Network, downloaded from https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/)
...
Windows Server COMPUTER NAME is WIN-TKDH9LCHUUO
WINDOWS DOMAIN is windows.local
DOMAIN USER is joget
JOGET DOMAIN is joget.windows.local
Info |
---|
|
...
In Settings > General Settings, set the API Domain Whitelist to * to allow SSO requests to the Kerberos Directory Manager.
...
In IE, click on Internet Options > Security > Local intranet site > Advanced and add the Joget domain e.g. http://joget.windows.local
If using Using the Kerberos Directory Manager plugin approach, access http://joget.windows.local/jw/web/json/plugin/org.joget.plugin.kerberos.KerberosDirectoryManager/service to SSO.
If using the Spring Security Kerberos Extension approach, access http://joget.windows.local/jw/web/sso to SSO.
Info |
---|
Please note that for the SSO to work properly:
|
...
https://venkatsadasivam.com/2009/08/29/single-sign-on-in-java-platform/
http://docs.spring.io/spring-security-kerberos/docs/1.0.1.RELEASE/reference/htmlsingle/
https://tomcat.apache.org/tomcat-8.0-doc/windows-auth-howto.html
http://docs.oracle.com/javase/jndi/tutorial/ldap/security/gssapi.html
http://docs.oracle.com/javase/8/docs/technotes/guides/security/jgss/lab/part1.html#PART1
https://docs.oracle.com/cd/E23943_01/web.1111/e13707/sso.htm#SECMG481
https://stackoverflow.com/questions/25289231/using-gssmanager-to-validate-a-kerberos-ticket
...