Unfortunatelly i don´t have an Apache Instance on this Server (only a Tomat Instance for Xwiki). Futhermore are the Warning in this Article is nearly 8 Years old.
So my question: Is there another simply way to make SSO for my Users Reality? Or maybe anyone from the Core Member Team know, if there are Efforts to make SSO native possible?
If you run XWiki on Windows, you can use the Waffle library files to perform WIA (Windows integrated authentication); this works nicely for our environment. Basics:
First you will need to give more details on what exactly you mean by “SSO” because this is just a generic term for very different systems. What I can tell you for now is:
you can probably find various modules that can be used at tomcat level (exactly like the Waffle suggestion from @bstewart but Waffle is by definition very Windows oriented)
writing a custom authenticator supporting SSO is easy in XWiki (but then it depends on the complexity of the protocol you have to support) and various already exist on https://extensions.xwiki.org/xwiki/bin/view/Extension/# so there is always a way
my Goal is to reach a SSO (Single Sign On) with a CentOS based XWIKI Installation (Tomcat) in Connection with our Windows based Domain Controllers.
Unfortunatelly I´m more a System administrator and Architect than a Programmer, so I do not dare to to programm it myself.
I already looked in the Extensions Page, but unfortunatelly, except for the LDAP Authenticator (Which i already use for LDAP Authentication) i didn´t find a Extension for Authentication. And absolutly no Extension for SSO.
When there is a simple SSO Extension i think many of the XWIKI Users would appreciate XWIKI a lot of more (especially the normal XWiki-Users )
As I said you should not search for “SSO” because it does not actually mean anything. Most of the extensions support some kind of SSO (even the LDAP one even if you are using it in login/pass mode). If your use case is Windows domain (you should have started with that) then Waffle is generally a good start, you don’t need to do anything when you put it in a Windows system but maybe you can configure it some way on Linux (but you will have to look at Waffle documentation because I’m really not a Waflle expert).
My understanding is that the Waffle libraries only work on Windows because they use Windows-specific calls (SSPI, IIRC) that don’t exist on other operating systems.
Many times, what Windows domain admins refer to as SSO is Windows integrated authentication (WIA). My recommendation is that if you want WIA with XWiki, by far the easiest way to achieve this is to install XWiki on Windows, install the LDAP Authenticator extension, update the needed files (as noted in the instructions I posted), and restart the Tomcat service. (I don’t know whether WIA is really possible any other way.)