Authorized Reseller

AppFusions resells the products we work with. We are vendor approved in many Fortune 100 corporations.

Managed Hosting

Need secure managed hosting with flexibility and skilled expertise?

SSO Authenticator for AD/ADFS/LDAP and Atlassian Servers (via Kerberos)

Single sign-on authenticator for Active Directory/Active Directory Federation Service/LDAP, including full support for Confluence, JIRA, Bitbucket Server (formerly Stash), Crowd, Bamboo, FishEye, Crucible, SVN

AppFusions AD Kerberos SSO Authenticator Settings

Upon installing the AppFusions AD Login Authenticator, the following configurations will be available in the authenticator's configuration panel.

Icon

Contact AppFusions to proceed with your SSO configurations. Also note - that you must restart your server after you have made changes to the settings.


SSO Settings

Setting

Mandatory/
Optional

Description

Caveats

Login Client Module

Mandatory

The Client LoginModule that exists in the login.conf file.

 

Login Server Module

Mandatory

The Server LoginModule that exists in the login.conf file.

 

KRB5 Configuration File

Mandatory

The location of the krb5.conf file.

On Windows, this file will sometimes be names krb5.ini and reside %WINDOWS+ROOT%/krb5.ini.

Login Configuration File

Mandatory

The location of the login.conf file.

 

Network Domain Username

Mandatory

Network Domain username

For Windows, this is sometimes known as the Windows NT username.

Network Domain Password

Mandatory

Network Domain password

For Windows, this is sometimes known as the Windows NT password.


Feature Settings

Setting

Description

Allow Basic Authentication

Enable this value if Basic Authentication should be allowed.

Allow Unsecured Basic Authentication

Enable this value if connections that do not use SSL/TLS should be rejected

Prompt NTLM

If the server receives an NTLM token, a 401 response will be returned, with Basic Authentication as the only option (no negotiate)


URL Extensions

URL extensions settings panel allows the administrator to define specific URL patterns that will be excluded (skipped) from SSO Authentication.

The URL patterns must be entered in Java regex format.

For example, to exclude all REST services, the pattern will be ^/rest/.*

Use comma (,) when specifying multiple patterns.

For example, ^/rest/.,^/rpc/.**