For feature suggestions, describe the result you would like to achieve in detail: Users connect to OO providing either LDAP or SSO credentials
For bug reports, provide the steps to reproduce and if possible a minimal demo of the problem: —
Community Server version: 12.5.2.1848
Control Panel version: 3.5.0.516
Type of installation of Workspace: deb
OS: Ubuntu Linux 22.04
Browser version: Firefox 115.0.2
Hey all,
while testing community server for my use case, I am able to login to OO workstation via my LDAP server (Windows AD), and it works great.
It would be preferred to be able to login via SSO simultaneously.
is this possible ?
can I configure OO to connect to LDAP and SSO at the same time, so some users can login to OO using LDAP credentials and other users via SSO also ?
if so, it there any trick in the configuration, or just the documented procedures for LDAP and SSO separately ?
Yes, this is possible. There are no tricks, just connect your LDAP server via Control Panel => LDAP and SSO server via Control Panel => SSO. If a user has the same email address on both LDAP and SSO servers, they will have a possibility to log in to the portal via both LDAP and SSO.
One last question,
maybe fool one (I have little knowledge on SSO technology) but I 'll say it just in case.
My organization’s SSO service is relaying on CAS (as far as I know, Apereo CAS).
I can understand that CAS is the protocol and Apereo CAS and also Shibboleth are server implementations.
The following two sentences from OO Workstation’s ControlPanel and Documentation respectively make me ask here.
Single Sign-on allows to enable or disable third-party authentication using the installed SSO services (OneLogin, Shibboleth, etc) without providing additional credentials. SAML protocol is used as it is considered to be more secure.
Hi @alextasikas,
This means we have tested the SSO connection only with these IdP’s, but you can try to connect Apereo CAS as well and check if it works.