topic SSO from third part application with kerberos enabled on Alfresco in Alfresco Forum https://connect.hyland.com/t5/alfresco-forum/sso-from-third-part-application-with-kerberos-enabled-on/m-p/33682#M14244 <HTML><HEAD></HEAD><BODY><P>I am trying to login(thereafter search against the repository) from third party application against the kerberos enabled&nbsp; alfresco through REST API.</P><P>Basic HTTP authentication is allowing me to do it but then it has its own negatives as I have to pass everything through the query parameters</P><P>But when I am trying to do through&nbsp;<STRONG>/alfresco/api/-default-/public/authentication/versions/1/tickets</STRONG>, it is giving me "<STRONG>Please log in</STRONG>" response in the browser, SSO is not happening that means. I have enabled CORS too in tomcat but I think that might not be the issue.</P><P>Is there a way we can do SSO from external application through REST API in a kerberos enabled alfrescos?</P></BODY></HTML> Sun, 24 Dec 2017 15:45:39 GMT deepak9batra 2017-12-24T15:45:39Z SSO from third part application with kerberos enabled on Alfresco https://connect.hyland.com/t5/alfresco-forum/sso-from-third-part-application-with-kerberos-enabled-on/m-p/33682#M14244 I am trying to login(thereafter search against the repository) from third party application against the kerberos enabled&nbsp; alfresco through REST API.Basic HTTP authentication is allowing me to do it but then it has its own negatives as I have to pass everything through the query parametersBut when I Sun, 24 Dec 2017 15:45:39 GMT https://connect.hyland.com/t5/alfresco-forum/sso-from-third-part-application-with-kerberos-enabled-on/m-p/33682#M14244 deepak9batra 2017-12-24T15:45:39Z Re: SSO from third part application with kerberos enabled on Alfresco https://connect.hyland.com/t5/alfresco-forum/sso-from-third-part-application-with-kerberos-enabled-on/m-p/33683#M14245 <HTML><HEAD></HEAD><BODY><P>The tickets API that you are calling has been explicitly defined to not require pre-emptive authentication, i.e. via SSO. It always requires user/password authentication via request parameters. Given the current API design, you cannot obtain a ticket when using Kerberos SSO (from the client against a Kerberos-enabled Alfresco), but you "should" be perfectly capable of using all regular APIs with the&nbsp;same Kerberos authorisation header without having to obtain a ticket first.</P><P>I put "should" in quotes because supporting SSO in all possible combinations is something that has been&nbsp;a bit of a problem across various versions, so I&nbsp;am not 100% sure.</P></BODY></HTML> Mon, 25 Dec 2017 19:56:27 GMT https://connect.hyland.com/t5/alfresco-forum/sso-from-third-part-application-with-kerberos-enabled-on/m-p/33683#M14245 afaust 2017-12-25T19:56:27Z