I’m in a large enterprise environment and am only an administrator of my local department’s OU. I doubt I’ll make much headway in modifying the domain controllers, as suggested by the SSO guide. Is there any way that machines joined to the domain can be configured to allow spark to auto-login via SSO without requiring a change to the DC?
Thanks!
Have you tried using this Openfire plugin: http://norman.rasmussen.co.za/dl/sasl-sspi/ ?
It’s documented here: http://community.igniterealtime.org/docs/DOC-1310
I’m using it successfully with Kerberos in my development environment and at a client site (both 3.7.0). Connecting via Pandion and over BOSH using a custom ActiveX control that does raw GSSAPI authentication.
Given generally how easy it is to configure Openfire, I’m surprised that the SSO configuration is so confounding.