Forum Discussion
1 Reply
Sort By
- Stanislas_Piro2Cumulonimbus
I don't know documents, here is a simple way to know which SSO profile choose:
- with firefox, open developper's tool
- try to connect to web site from internal network
- if authentication is requested within a web page, this is a form authentication
- else check the status code (200, 302, 401, 500, ...)
- if code is 401 ,this is Basic, NTLM, and/or Kerberos Authentication (multiple authentication can be enabled)
Then if this is form authentication:
- clear developper's tool, enable persistent logs
- try to authenticate
- the first request may be a POST (90% of Form authentication uses POST)
- click on it, a panel on right side opens, go to parameters tab
- you may see all POST parameters. copy these parameters.
- close the browser, and try again from the beginning (with same credentials)
- compare parameters with previous POST. if these parameters are the same, you can use Form-Based SSO, else, you must enable Form Client-initiated SSO
If it is a 401 status code:
- click on the 401 line, a panel on right side opens, Stay on headers tab
- search for WWW-authenticate response header
- if this header is BASIC : you can use BASIC SSO
- if this header is NTLM : you can use NTLMv2 SSO (NTLMv1 is for backward compatibility)
- if this header is Negotiate : you can use Kerberos SSO
- If there are multiple headers, you can choose one in the list.
After you identified the SSO method, you can read the admin guide on how to configure it.