APM Cookbook: Single Sign On (SSO) using Kerberos
To get the APM Cookbook series moving along, I’ve decided to help out by documenting the common APM solutions I help customers and partners with on a regular basis.
Kerberos SSO is nothing new, bu...
Published Apr 28, 2014
Version 1.0
Smithy
Cirrostratus
Cirrostratus
SmithyCirrostratus
CirrostratusHi Martin,
You can split the user@KRB-REALM.ORG (session.logon.last.username) into seperate variables using TCL or add an AD Query object to the VPE and set the "SearchFilter" to "userPrincipalName=%{session.logon.last.username}". It will populate "session.ad.last.attr.sAMAccountName" and "session.ad.last.actualdomain". Then change the "SSO Credential Mapping" object to use "session.ad.last.attr.sAMAccountName" instead of "session.logon.last.username".
Cheers,
Brett