SSO (AD + application) configuration guide

zoras 26 Reputation points
2021-07-09T07:52:26.397+00:00

I got two machines, both with Windows Server 2016.
One with AD (not Azure AD) and one with an Java container (KARAF) and Krb5LoginModule (from JAAS).
I want to set up Kerberos 5 in this environment, so that the Java machine can authenticate a user by contacting the KDC (AD).

Is there a (step by step) guide, article or documentation to set up/configure an SSO application? Like starting the service on AD, changing user settings for making them fit to authenticate, register spn, etc. Also maybe on application side (I know that java has no place here, but the settings must be similar).

Thanks in Advance

Windows Server 2016
Windows Server 2016
A Microsoft server operating system that supports enterprise-level management updated to data storage.
2,364 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,801 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Thameur-BOURBITA 32,496 Reputation points
    2021-07-09T10:18:19.61+00:00

    Hi,

    I don't think that here you will find a documentation about Java application.
    You can ask this question on Java forum. Here there is only Microsoft specialist.
    based on my experience, you have to know if the Java application you are used needs :

    • a service account
    • Check if a keytab file is required
    • A SPN set on service account

    You should check with the developer who should know if the application requires a service account with keytab file or only a service account to ensure the SSO using kerberos protocol. He should know also which SPN should be set for this application.


    Please don't forget to mark helpful reply as answer