Instructions to enable Windows Domain SSO:
Assumptions:
-It is assumed that the Tomcat service is running on a server that’s managed by the Domain, and that that service/server has been trusted for Kerberos delegation through Active Directory.
-It is also assumed that all users/services/servers exist within the same domain.
-Internet Explorer may need to be modified to include the Scoreboard/Quickscore URL in its Intranet sites (even in order to make this work for Chrome it was required to add this within IE), also Enable Integrated Windows Authentication must be enabled.
Prepare Connect for SSO authentication
-In your Spider_Home folder go to Connect/baseConfig.xml
-Edit the file such that it has the following entries beneath the root element: http://URLtrue
…note that URL in this situation is the URL that Connect users should be forwarded to after logging out of Connect, such as your Scoreboard/Quickscore home page.
Enable SSO in Scoreboard/Quickscore
-Deploy the latest release
-Login as the admin user
-Go to the Admin->Application Administration section
-Change the Authentication Type dropdown such that “Windows Domain” is selected and Save
-Go to the Admin->Server Administration section
-Change the Single Sign-On SOAP Password to be anything of your choice
-Login to Connect as the admin user
-Go to App Administration and enter the same Single Sign-On SOAP Password that you just added (this allows Connect and Scoreboard/Quickscore to properly trust SSO users who login to Connect).
For Windows Domain authentication, these are true SSO options.