Difference between revisions of "Windows Authentication"

Revision as of 01:10, 11 December 2014

Note the following guide is for Tomcat 6 or higher.

The first part of the installation ensures the basic SSO communication is in place.

Troubleshooting

After a succesfull test you should remove the jsp test file.

Install the SPNEGO filter on the application

Copy filter setting from the guide to <TempusServaApplication>\WEB-INF\web.xml
Change the filter mapping from *.jsp to the login page

  <filter-mapping>
      <filter-name>SpnegoHttpFilter</filter-name>
      <url-pattern>/login</url-pattern>
  </filter-mapping>

Configure TempusServa to accept SSO by changing system configuration

  ssoSpnegoAuthenticate = true

Finally restart Tomcat

Find a suitable user

Login to a machine connected to the Domain controller

Navigate to the TempusServa login page and check if you are logged in and redirected to the main page.

Other results

Login displayed with "Login failed" message: The SPNEGO is working but it was not possible to match the Windows authenticated user to a (valid) user in the Tempus Serva database
Login displayed without any messages: The SPNEGO is NOT working or is deactivated

@@ Line 6: / Line 6: @@
 === Installation part 1 ===
+The first part of the installation ensures the basic SSO communication is in place.
 # [http://spnego.sourceforge.net/pre_flight.html Run pre flight checklist]
 # [http://spnego.sourceforge.net/spnego_tomcat.html Run installation]
@@ Line 12: / Line 14: @@
 * Check Tomcat is running in the same context as the domain user
 * Ensure only one SPN exists (with fully qualified name)
+After a succesfull test you should remove the jsp test file.
 === Installation part 2 ===