1 Reply Latest reply on Oct 19, 2012 7:58 PM by Jack Baret

    LCES2 Single Sign On using SPNEGO

    Jovan_Ilievski Level 1

      Heres the scenario:


      - I've got a development machine with a hostname of lcdev.

      - The internal network name is xyz.schools.local

      - The external domain is xyz.ca

      - We have a CNAME (alias) of lcdev.xyz.ca inside our network

      - All of my forms and web services are configured to use the external domain (xyz.ca) so that there is no confusion when users click on a link that takes them to a task.  The same link is accessible both internally and externally.


      The problem occurs when attempting to configure SPNEGO, the SPN needs to be mapped to the same domain as the users (xyz.schools.local) and we cannot make xyz.ca a trusted domain as there would be a conflict with other software currently in our system.


      I've looked at HTTP Headers and found the security to be lacking.


      What are my options for implementing SSO?