August 25, SSO with Microsoft Active Directory Presented by: Craig Larrabee
This will allow CenterView to determine what user has signed into an Active Directory Domain, and based on that user, get the groups that user is a member of based on the existing Active Directory Authentication plugin. August 25, 20152
Server Setup Perform on the server –Drop jcifs jar into /Server/corda/WEB-INF/lib/ August 25, 20153
Server Setup Perform on the server Add the contents of AD_SSO_Filter.txt to the beginning of the filter section of /Server/corda/WEB-INF/web.xml Add the contents of AD_SSO_Filter.txt to the beginning of the filter mapping section of /Server/corda/WEB-INF/web.xml August 25, 20154
Server Setup Perform on the server Set the Domain controller address, Domain Name, Username and Password (same as Bind User and Password in AD Auth Plugin) jcifs.http.domainController: enter the DNS or IP address of the LDAP Server (e.g , or server.domain.com) jcifs.smb.client.domain: Enter the domain of the server you are authenticating against (e.g. corda.com) jcifs.smb.client.username:Enter an app account without the domain name (e.g. binduser NOT jcifs.smb.client.password: app account’s password August 25, 20155
Server Setup Perform on the server Optional parameter for enabling logging jcifs.util.loglevel: 0=off-10=verbose default=1 jcifs.util.loglevel 3 Information is sent to the standard CenterView logs August 25, 20156
Server Setup Perform on the server Modify the authenticate method of /Server/plugins/src/examples/auth/activedirectory/ADAuth Plugin.java to use request.getRemoteUser() as the userName (compare the included ADAuthPlugin.java with the one installed with CenterView) Build the Auth Plugin and put the class file in the correct directory NOTE: I suggest creating a new auth plugin and copying the existing ADAuthPlugin source rather than just modifying the existing one. August 25, 20157
Web Browser Perform the steps in the following slides in the browser 8/25/20158
Add the URL to the Local Intranet Zone in Internet Explorer August 25,
Add the URL to the network.automatic-ntlm- auth.trusted-uris in Firefox August 25,