[QUESTION] Does LDAP Auth support SSO?


(Mark Phillips) #1

Hello.
While I’m pretty sure I already know the answer to this, please can someone clarify:

Does ReadonlyRest support LDAP Auth where for example the users authentication token that is poking ElasticSearch could be used, much like how other “Use Windows Authentication Passthrough” applications operate?

Thanks


(Simone Scarduzio) #2

Hello @MarkPhillips!

Not a Microsoft expert, but ReadonlyREST with LDAP over SSL behaves very similarly to what is explained in this Microsoft article about “passthrough authentication”.

It is “pass through” meaning that when a request comes with credentials, it is “passed through” via a secure channel to an authentication server (LDAP server in our case, the domain controller in the article).

The difference is that instead of “Netlogon Remote Protocol” (of which I ignored the existence) you need to use plain LDAP, and everything works.

I hope it helps,

_S


(Mark Phillips) #3

Hello @sscarduzio :slight_smile:
Thanks for your reply, this is what I thought, thank you for your fast response.

Keep up the good work


(Simone Scarduzio) #4

Thanks Mark! :thumbsup:

Glad to help