SSO (Single Sign On) Overview

image_pdfimage_print

Instead of using a simple LDAP authentication, it is possible to use integrated Windows Authentication, also known as Active Directory Single Sign On (AD SSO). Jedox natively supports SSO with AD. For authentication, newer versions of Windows use Kerberos per default. Older versions of Windows used NTLM.

Users who are logged in to the Microsoft Windows system are connected directly with the Jedox OLAP (In-Memory DB) server without further logon prompts.

To use Single Sign On, an Active Directory (AD) environment is mandatory. If the Jedox OLAP server and the AD are not running in the same domain, it may be necessary to set the Service Principal Name (SPN).

The Jedox installation must be configured for the 1) server’s operating system and 2) the desired SSO mode, and then 3) client must also be configured. These steps are outlined in the articles linked below:

Step 1: configure Jedox OLAP server  Windows / Linux

Step 2: configure SSO Mode  authorization mode / authentication mode

Step 3: configure Jedox clients  Excel Add-in / Jedox Web browser client

 If you’ve scaled or clustered Jedox, further configurations are necessary. See SSO Technical Information for more information.

Manual login option

When SSO or SAML is configured, some users (e.g. admins) need to manually log in, bypassing SSO and SAML. To do so, simply add the flag ?nosso to the login URL for Jedox web, e.g.

https://<serveraddress>/ui/login/?nosso

image_pdfimage_print