Sandeep Gandhi
Apr 11, 2018
2:09 pm

configuration of Active Directory and Identity Provider before deploying the SSO solution.

Hi Team,

          We are working on Single sign on functionality using knox standard sdk,For that we are refering "https://seap.samsung.com/html-docs/android-standard/Content/SSO-PREMIUM.htm".

In that you have mentioned below points:

1>Samsung SSO interacts with an enterprise’s Active Directory and SAML (Security Assertion Markup Language) Identity Provider without any cloud or third-party server component.

2>The app client and the Samsung SSO option on the device authenticate with the enterprise’s Active Directory as follows:

  1. SSO client on the device communicates with the Active Directory using the Kerberos protocol through VPN or on-premise Wi-Fi.
  2. After successful authentication, the SSO client provides the requested authentication token to the app, and forwards the authentication token, Negotiate token (for HTTP Negotiate), or SAML response (for SAML 2.0) to the intranet service or cloud service respectively depending on the token request type. 

we have some doubts in this  :

1. How to Cofigure this Active directory and what should be the  identity provider - For interaction purpose

2. How to configure  krb5.conf  and what should be the IDPLocationURL which we will pass as  SSOPolicy.SAMSUNG_SSO_BUNDLE_KEY_IDP_CONF_DATA.

Could you please tell us How it is working as we are new this SSO API . It will be helpful if we will get to know this information.

Thanks.

Sreenivasa Reddy
Aug 22, 2018
8:12 pm

Which version of windows server and active directory are you using? If its is a legacy windows server ad it might not support ADFS and SMAL.