Active Directory SSO

Hello, i am using XWIKI in free with LDAP Authentication.

I searched but i not find how i can use full SSO integration. I want to open my browser on XWIKI page without typing my password. I want automatic SSO.

It is possible with LDAP Authentication ? If no, there is another way ? (If i must pay i can do it)

Thanks

Hi,

it’s possible - we have it like this in our company.
As a starting-point: We do the kerberos-auth using apache (which is also our reverse-proxy) - see this:

(only until the tomcat-connector!)

with this, you can get the actual user as a http-header-variable to the xwiki-application.
And there, you’ll need the LDAP-authenticator:

With this, you’ll take this header-variable (search for: xwiki.authentication.ldap.httpHeader=REMOTE_USER)

and do the LDAP-auth to get the ActiveDirectory-Groups etc.

For details, search in this forum or on the other documentation pages. I can’t provide a full setup because of our special environment.

regards
gerd

1 Like

LDAP authentication is possible with the free LDAP authenticator. That’s just a matter of configuring the LDAP plugin with the correct parameters.

As for configuring it without using a username/password prompt, I didn’t know that was even possible. (Is it even possible?).

On my system, if the users save their credentials with their browser session, they log in automatically after the first time.

I will check this and how we can implement it