Difference between revisions of "Samba4/HOWTO/Setup a Single Sign-On Website"

(Usecase: added content)
(Requirements: added content)
Line 16: Line 16:
  
 
=== Requirements ===
 
=== Requirements ===
 +
* Samba4 setup as domain controller
 +
* a working DNS configuration
 +
* a working Kerberos configuration
 +
 +
It`s recommended to follow the setup process described at [[Samba4/HOWTO]].
 +
 
== Setup ==
 
== Setup ==
 
=== Apache2 ===
 
=== Apache2 ===

Revision as of 22:56, 23 July 2012

Goal

This Howto aims to show a clean way to setup a website that provides:

  • SSL encryption (HTTPS) by using a self-signed certificate
  • single sign-on from within your Samba4 domain
  • optional login from outside (user/password prompt)
  • full Kerberos 5 authentication security

The type of setup shown here is very minimal. It is intended to get you a basic idea of how the process works.

Usecase

You may provide a secured intranet website for your clients, hosting private content on a per-user basis.

It´s also possible to develop a web based application for domain management, using Kerberos/LDAP and Samba´s Python API. More information on this topic may be provided in another document.

Requirements

  • Samba4 setup as domain controller
  • a working DNS configuration
  • a working Kerberos configuration

It`s recommended to follow the setup process described at Samba4/HOWTO.

Setup

Apache2

Active Directory

Windows Client(s)

Troubleshooting