Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Kerberos is a network authentication protocol designed by the Massachusetts Institute of Technology (MIT) for SSO in client-server environments, while SPNEGO (Simple and Protected GSS-API Negotiation Mechanism) extends Kerberos SSO to web applications.  

This plugin source code is available in a new open source repository at https://github.com/jogetoss/. JogetOSS is a community-led team for open source software related to the Joget no-code/low-code application platform. Projects under JogetOSS are community-driven and community-supported, and you are welcome to contribute to the projects.


Test Environment

...

  • Windows Server COMPUTER NAME is WIN-TKDH9LCHUUO 

  • WINDOWS DOMAIN is windows.local

  • DOMAIN USER is joget

  • JOGET DOMAIN is joget.windows.local 


Info
  • This article assumes familiarity with the basics of Windows Server and Windows 10 system and network administration

  • This setup is tested within a local VirtualBox environment. Actual setup on a different environment should be adapted accordingly.

...

  1. In Settings > General Settings, set the API Domain Whitelist to * to allow SSO requests to the Kerberos Directory Manager. 

 


4. Setup Client PC for SSO

...

  1. In IE, click on Internet Options > Security > Local intranet site > Advanced and add the Joget domain e.g. http://joget.windows.local  

4.3 Test the SSO

  1. If using Using the Kerberos Directory Manager plugin approach, access http://joget.windows.local/jw/web/json/plugin/org.joget.plugin.kerberos.KerberosDirectoryManager/service to SSO.

    If using the Spring Security Kerberos Extension approach, access http://joget.windows.local/jw/web/sso to SSO. 

    Info

    Please note that for the SSO to work properly:

    • the client PC and Joget server must reside on different machines

    • the Windows server and client PC must reside on the same Windows domain

...

...