Forum Discussion
tminfw2
May 06, 2016Nimbostratus
Client authentication methods versus Single Sign On methods
Currently, we mostly have the following structure for our APM profiles:
Present a logon page Verify entered username/password using any of these methods: LDAP, AD, Radius,... Map username and...
Yann_Desmarest_
Nacreous
Hello,
You are right, when choosing Kerberos, client certificate or ntlm authentication, you retrict your capabilities on the authentication mecanism supported on the backend for SSO.
When using authentication mecanism not prompting for password, you can only use kerberos delegation, saml or header based SSO.
Yann_Desmarest_
May 06, 2016Nacreous
If sso is ntlmv2, you have the options to use basic or forms based client auth because we need the password. Ntlmv2 client auth with ntlmv2 sso doesn't make sense and asaik is not supported through apm.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects